DEMO 


Showcasing  a  smorgasbord 

Attendees  can  expect  a  technology  buffet  —  from  enterprise 
security  and  storage  products  to  the  gamut  of  gadgets  and  con¬ 
sumer  apps  —  as  DEMOfall  '08  unfolds  this  week.  Page  16. 


Google’s  Chrome 
browser  is  available 
only  in  beta,  but  the 
features  it  does  have 
are  fueling  thoughts 
about  where  the 
browser  is  or  should 
be  headed  at  a  time 
when  the  notion  of 
online  applications  is 
coming  of  age. 

Page  13. 


Net  mgmt. 
challenges 
continue 
to  vex  Cisco 

BY  JIM  DUFFY 


Security  costs 

In  2008, 10%  of  IT 
operating  budgets 
was  devoted  to  secu¬ 
rity,  an  increase  from 
8%  last  year.  One- 
fifth  of  companies 
plan  to  boost  IT 
security  spending  in 
2009.  Page  47. 


Network  World's 
2008  IT  Roadmap 
Conference  &  Expo 
tour  stops  in  Dallas 
on  Sept,  23  before 
heading  to  San 
Francisco. 

REGISTER  AT: 

www.networkworld. 

com/itrevents08 


Network  management  has 
been  a  source  of  frustration  for 
Cisco  for  years. 

CEO  John  Chambers  annually 
seems  to  lament  the  state  of 
Cisco  network  management 
when  he’s  asked  where  the  com¬ 
pany  is  most  challenged  or 
weakest  from  a  product  devel¬ 
opment  and  marketing  aspect. 

Perhaps  it  doesn’t  help  that 
Cisco  has  acquired  more  than 
125  companies  since  1993.  An 
acquisition  binge  at  that  pace 
will  keep  network  management 
integration  efforts  continually 
on  the  back  burner,  a  perpetual 
moving  target.  Indeed,  as  Cisco 
gets  bigger  through  acquisition 
and  market  dominance,  its  net¬ 
work  management  fabric  comes 
See  Cisco,  page  28 


Vendors  scramble  to 
manage  virtualization 


BY  DENISE  DUBIE 

The  rush  to  virtualize  data-center  re¬ 
sources  has  vendors  across  the  entire  IT 
landscape  working  to  deliver  management 
tools  designed  to  help  enterprise  IT  shops 
optimize  their  virtual  environments. 

“Many  companies  have  implemented  vir¬ 
tualization  projects  to  save  money  —  they 
didn’t  realize  that  this  entire  craze  for  virtu¬ 
alization  would  be  potentially  problematic 
when  changes  need  to  be  made  to  the  pro¬ 
duction  environment,”  says  Evelyn  Hub- 
bert,  senior  analyst  at  Forrester  Research. 

Heightening  interest  is  Microsoft’s  mar¬ 
keting  event  this  week  for  its  Hyper-V 
hypervisor,  and  hypervisor  market  leader 
VMware’s  annual  VMworld  2008  confer¬ 
ence  beginning  next  week.  A  slew  of  com¬ 
panies,  including  Microsoft,  HP  and  Red 
Hat,  are  offering  packages  that  in  one  way 
or  another  promise  to  pump  up  the  market 
for  virtualization  technologies. 

HP  added  virtualization  products  across 
its  software,  server,  thin  client  and  storage 
divisions,  for  instance;  and  Red  Hat 
acquired  desktop  virtualization  player 


MANAGEMENT  SHORTCOMINGS 

When  asked  in  what  areas  they 
needed  the  most  operational  help 
with  regards  to  their  virtual  server 
infrastructure,  nearly  40%  of 
attendees  at  a  June  Gartner  con¬ 
ference  said  management  tools 
and  integration. 


Qumranet  for  $107  million. 

Industry  watchers  say  to  expect  more  pro¬ 
duct  enhancements  as  enterprise  IT  execu¬ 
tives  adopt  x86  server  virtualization  and  ex¬ 
pand  the  technology  into  areas  such  as 
storage,  applications  and  desktops. 

“A  healthy  market  for  tools  that  manage, 
configure  and  secure  VMs  is  a  good  sign 
and  reflects  the  progressive  attitude  enter¬ 
prises  have  about  the  technology: 
Virtualization  is  ready  for  prime  time,” 
says  Phil  Hochmuth,  senior  analyst  at 
Yankee  Group. 

That  means  more  companies  will  be 
looking  to  management  and  automation 

See  Virtualization,  page  18 


BEWARE  OF  UC  SECURITY  THREATS 

Unified  communications  creates  exciting  new  ways  to  collaborate, 
but  it  also  opens  up  new  vulnerabilities.  Page  36. 


See  a  graphical  representation  of 
the  complex  testing  environment 
that  was  created  by  Network  World 
Test  Alliance  partner  Miercom. 

Page  42. 


Go  online  for  a  detailed  rundown  on 
how  we  tested  Avaya's  UC  platform. 
www.nwdocrinder.com/6522 


CLEAR  CHOICE  TEST: 

Avaya's  one-X  UC  platform  offers  all  the  bells  and 
whistles  that  you'll  need  for  a  complete  unified 
communications  system.  The  challenge  will  be  putting 
those  moving  pieces  together.  Page  38. 
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Connect  your  mobile  users 
without  disconnecting 
your  PBX. 


Move  your  mobile  workforce  over 
to  VoIP  using  innovative  software  from 
Microsoft.  Software  that  integrates 
with  Windows  Server1  Active  Directory' 
services,  Microsoft  Office,  and 
Microsoft  Exchange  Server.  Keep  your 
existing  PBX  hardware  and  still  get  new 
voice  capabilities  like  drag-and-drop 
conferencing,  anywhere  access,  and 
click-to-call  functionality  from  familiar 
desktop  applications. 

A  software-powered  VoIP 
solution,  based  on  Microsoft  Office 
Communications  Server  2007,  helps  you 
increase  the  productivity  and  flexibility 
of  your  workforce — especially  your 
mobile  users.  Empower  your  people 
with  better  connectivity,  leave  the 
PBX  plugged  in.  Learn  more  at 
microsoft.com/voip 


Your  potential.  Our  passion. 

Microsoft 
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SMART  MFPs? 

HOW  ABOUT  GENEROUS  TOO? 

;  '  : 

•  *  •*. 

Start  with  paying  up  to  30%  less  for  your  color  printing.  Then  add 
in  getting  color  accents  for  the  price  of  a  black-and-white  page. 

The  HP  CM8060  MFP  with  Edgeline  Technology  doesn't  stop  there:  it  also 
prints  and  copies  50  color  pages  a  minute,  so  your  organization  can 
be  even  more  productive.  That's  alternative  thinking  about  printing. 

hp.com/go/8060 
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GOODBADUGLY 

IT  lessons  learned  from  Katrina 


NETWORK  INFRASTRUCTURE 

24  U.S.  Census  handhelds  fall  short. 

31  Opinion  Andreas  Antonopoulos: 

The  challenge  of  securing  virtual 
operations. 

47  IT  ups  data  security  investment. 

50  Opinion ’Net  Buzz:  Was 

MythBuster’s  RFID  tale  only  a  myth? 

ENTERPRISE  COMPUTING _ 

13  How  will  Google’s  Chrome  shine? 

APPLICATION  SERVICES 

16  DEMOfall  '08  is  upon  us. 

50  Opinion  BackSpin:  How  to  ruin  a 
great  product. 

SERVICE  PROVIDERS _ 

21  How  carriers  batten  down  networks. 

22  Opinion  Scott  Bradner:  Comcast: 
Unexplained  bandwidth  caps. 

22  Opinion  Johna  Till  Johnson:The 

innovation  gap  is  real,  all  right. 

TECH  UPDATE 

32  Telecom  expense-management 
processes  pay  off  big. 


COOLTOOLS 

■  The  iTrip  Universal  connects  to  any 
MP3  player  and  transmits  the  audio  to 
a  nearby  FM  radio,  so  you  can  hear  the 
music  through  the  radio’s  speakers. 
See  Cool  Tools,  page  34. 


34  Mark  Gibbs:  Chrome  and  Firefox 
and  add-ons,  oh  my. 

34  Keith  Shaw:  Two  ‘iGadgets’  boost 
music  experience. 

NETWORKWORLD.COM 


8  Catch  up  on  the  latest  online  stories, 
blogs,  newsletters  and  videos. 


■  CONTACT  Network  World,  492  Old  Connecticut 
Path,  Framingham,  MA  01701-9002;  Phone:  (508)  766- 
5301;  E-mail:  nwnews@nww.com;  ■  REPRINTS:  (717) 
399-1900;  ■  SUBSCRIPTIONS:  Phone  (508)  820-8117; 
E-mail:  nwcirc@nww.com;  URL:  www.subscribenw.com 


GIACOMO  MARCHESI 


IT  shops  last  week  were  reporting  much 
better  news  about  their  networks’ 
health  during  and  after  Hurricane 
Gustav  than  they  did  during  Katrina 
three  years  ago.  Lessons  learned 
helped  such  organizations  as  the 
Louisiana  Supreme  Court  shore  up 
its  network,  says  Peter  Haas,  the 
court’s  director  of  technology.  During 
this  latest  storm,  the  court’s  main  data 
center  in  the  French  Quarter  remained 
up  and  running  and  connected  to 
the  MPLS  WAN;  and 
Haas  could  monitor  it 
remotely  using  such 
tools  as  wireless, 
extended  batteries  and 
backup  generators. 

Free  Web  services  exploited 

Spammers  are  exploiting  free 
Web  services  to  make  their  spam  links 
look  more  legitimate,  according  to  e- 
mail  security  vendor  MessageLabs. 

One  of  the  services,  a  photo-hosting 
site  called  ImageShack,  lets  people 
upload  different  types  of  photo  for¬ 
mats,  including  flash  files,  which  have 
the  extension  “.swf”  and  can  be  used 
to  redirect  people  automatically  to 
otherWeb  sites  —  including  spam 
sites. 

Ex-VoIP  exec  sentenced 
A  former  managing  director  of  VoIP 
provider  ITXC  was  sentenced  Sept.  3 
to  five  years  of  probation  for  his  role  in 
a  bribery  scheme  involving  telecommu¬ 
nications  contracts  in  Africa,  the  U.S. 
Department  of  Justice  said. 


CLEAR  CHOICE  TEST: 

Avaya's  one-X  UC  platform  offers  all  the  bells  and 
whistles  that  you’ll  need  for  a  complete  unified 
communications  system.  The  challenge  will  be 
putting  those  moving  pieces 
together.  Page  38. 

See  a  graphical  representation  of 
the  complex  testing  environment 
that  was  created  by  Network  World 
Test  Alliance  partner  Miercom. 

Page  42. 


Go  online  for  a  detailed  rundown  on  how 
we  tested  Avaya’s  UC  platform. 
www.nwdocfinder.com/6522 
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BEWARE  OF  UC  SECTOTY  THREAT 


BEWARE  OF  UC  SECURITY  THREATS 

Unified  communications  creates  exciting  new  ways  to  collaborate, 
but  it  also  opens  up  new  vulnerabilities.  Page  36. 


PULL 

A  snapshot  of  how  networkworld.com 
visitors  voted  on  a  key  networking  issue 
last  week: 

Hawaii  state  exec  Rex  Johnson  sent 
X-rated  e-mails  at  work.  Should  he 
have  been  fired? 


You  bet, 
kick  ’em  to 
the  curb. 
55% 


Total  voters  for  this  poll:  120 

Vote  and  discuss:  www.nwdocfinder.com/6539 


PEERSAY 


Not  becoming  a  Chrome  dome 

Re:  Given  up  on  Google  Chrome  —  already 
(www.nwdocfinder.com/6527): 

1  got  really  excited  when  1  heard  about 
Chrome,  and  wanted  to  give  it  a  try  No  luck, 
because  it’s  only  available  for  Windows.  Nice 
try, Google. Spin  up  some  hype  when  you  have 
a  true  cross-platform  solution,  like  Firefox. 

David  Backeberg 

Discuss  at  www.nwdocfinder.com/6527 

No  Chrome-plated  Outlook 
access 

Re:  Google  Chrome  can’t  handle  Outlook 
Web  Access  (www.nwdocfinder.com/6530): 

Chrome  was  fast,  and  I  mean  really  fast, 
when  logging  in  and  using  Outlook  Web  Ac¬ 
cess.  However,  it  seems  as  if  [Active  Server 
Pages]  isn’t  enabled  or  something  of  the  sort 
in  Chrome. When  I  right-click  a  mail  in  IE,  I  get 
Outlook  options  (flag,  mark  as  read,  and  so 
forth).  When  I  right-click  in  Chrome,  I  get 
Chrome  options 
(back,  forward,  in¬ 
spect  page).  I  also 
couldn't  login  to  the 
secure  login  at  work 
which  uses  a  Citrix 
connection.  Other 
than  those  two  issues, 
it  sure  is  fast  and  pret¬ 
ty  clean.  It  is  still  in 
beta,  so  I’m  sure  the 
little  bugs  will  be 
worked  out  in  the  next  release. 

Syren 

Discuss  at  www.nwdocfinder.com/6530 

He  can’t  hear  you  now 

Re:  Verizon’s  anti-iPhone  “propaganda?” 
(www.nwdocfinder.com/6524): 

I  just  finished  a  call  with  someone  on  an 
iPhone  that  was  hard  to  hear,  with  background 
noise,  and  the  call  was  dropped  twice.  The 
CTO  of  AT&T  had  to  switch  to  a  landline  to  do 
an  interview  with  Gizmodo. 

It  is  not  just  Apple  and  AT&T.  The  voice  qual¬ 
ity  on  Verizon,  Sprint  orT-Mobile  is  not  any  bet¬ 
ter.  At  some  point,  if  we  want  to  hear  each  other 
on  a  mobile  phone,  we  need  to  not  be  dis- 


►  SPECIAL  NETWORK  WORLD  FEATURE 


**At  some  point,  if  we  want  to 
hear  each  other  on  a  mobile 
phone,  we  need  to  not  be  dis¬ 
tracted  by  cool  features  and 
hold  the  service  providers’ 
feet  to  the  fire  to  fix  voice.55 


SCAN  THIS  CODE 
with  your  cell 
phone  to  get  the 
latest  IT  network 
news  delivered  to 
your  cellular 
device. 


■  ■ 


■ 

■  ■ 


■  ■■ 


■  ■■  ■■ 
■■■  ■■■ 


■  ■  I 


■  ■■■ 
■  ■ 


■  ■  ■ 


To  get  the  client 
software,  use  your  phone  browser  to 
visit  wap.connexto.com 

For  more  information  on  code  scanning 
see  www.nww.com/codescan 


MB 


traded  by  cool  features  and  hold  the  service 
providers’  feet  to  the  fire  to  fix  voice.  Or  we  can 
accept  that  we  own  expensive  paperweights. 

Rob  Adler 

Discuss  at  www.nwdocfinder.com/6524 

Projected  winner 

Re:  Six  attributes  of  successful  project  man¬ 
agers  (www.nwdocfinder.com/6525): 

Communication  should  be  like  a  laser: 
focused,  efficient  and  consisting  of  only  nec¬ 
essary  wavelengths  (people  and  content). 
Instead,  it  usually  turns  out  to  be  more  like  a 
floodlight:  scattered,  wasteful  (of  time)  and 
involving  many  unnecessary  parties. 

Josh  Nankivel 

Discuss  at  www.nwdocfinder.com/6526 

Why  do  most  switch  vendors 
support  sFlow  over  NetFlow? 

Re:  NetFlow  or  sFlow:  Which  is  the  open 
standard?  (www.nwdocfinder.com/6529): 

As  far  as  I  know,  this 
is  because  sFlow  pro¬ 
vides  data  that  deep- 
packet  inspection  can 
partially  be  used  on, 
and  it  also  provides 
physical  port  informa¬ 
tion  (very  powerful 
for  link/ 

trunk  analysis). 

As  for  “sFlow  takes 
less  engineering  to 
properly  implement  than  NetFlow/’ I’m  not  too 
sure  about  this  comment,  either.  sFlow  is  quite 
difficult  to  get  up  and  running  on  some 
switches  —  for  example,  HP  switches  — 
whereas  some  vendors  are  providing  capabil¬ 
ities  to  enable  NetFlow  from  their  software, 
removing  the  need  to  physically  access  the 
router  to  make  the  ip-flow  export,  etc.,  com¬ 
mand  changes. 

Stuart  Davis 

I’m  told  by  switch  vendors  that  Inmon  sells 
the  sFlow  chipset  at  a  very  competitive  price.  I 
know  of  no  NetFlow  chipset  that  is  available 
like  sFlow.  NetFlow  is  computationally  expen¬ 
sive  to  support  and  is  nearly  100%  accurate  in 
pure  IP  environments.  sFlow,  on  the  other 
hand,  is  not  limited  to  IP  traffic  and  samples 
the  entire  packet,  which  clearly  has  significant 
benefits.  See  the  post  at  www.nwdocfind 
er.com/6528. 

Regarding  the  HP  sFlow  setup,  make  sure 
you  upgrade  the  firmware  on  your  switches 
before  setting  up  sFlow.  HP  has  had  prob¬ 
lems  with  sFlow  support. The  latest  switches 
have  a  GUI,  which  makes  the  configuration 
much  easier. 

Michael  Patterson 

Discuss  at  www.nwdocfinder.com/6529 

E-mail  letters  to  jdix@nww.com  or  send  them 
to  John  Dix,  editor  in  chief,  Network  World,  492 
Old  Connecticut  Path,  Framingham,  MA  01 701- 
9002.  Please  include  phone  number  and  address 
for  verification 
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HP  ProCurve  Switch  2610-24/12PWR 


Flexible,  scalable  PoE  for  converged  networks  and  remote  offices 

Deploy  VoIP  or  unified  communications 

Powerful,  easy-to-use  management  software 

ProCurve  Lifetime  Warranty  featuring  advance,  next-day  replacement 


CDW 1382410 


Avaya  IP  Office  500 

•  IP  Office  500  system  supports  up  to  32  telephones 

•  Capacity  for  16  analog  trunks  or  4  digital  trunks  (96  T1/PRI  or  120  El) 

•  Optionally,  SIP  trunks  are  also  supported 

Call  CDW  for  pricing 

CDW  1162561 


AVAyA 


Avaya  4621 SW  IP  Phone 

•  Large  screen  (168x132)  graphic  display  with  backlighting 

•  Paperless  button  labels,  call  log,  speed  dial,  24  programmable  feature  keys, 
Web  browser,  integrated  Ethernet  switch  and  full  duplex  speakerphone 


AVAyA 


Call  CDW  for  pricing 

CDW  883304 


We're  there  with  the  convergence  solutions  you  need. 

Use  your  data  network  for  voice.  For  video.  For  information  streaming.  That's  just  the  beginning  of  what 
convergence  can  do  for  your  company.  CDW  has  everything  to  guide  you  through  the  process.  We  give 
you  a  personal  account  manager  who  knows  your  business  and  your  needs.  And  technology  specialists 
who  can  create  your  ideal  convergence  solution.  Then,  we  custom  configure  all  your  technology  to  your 
specifications.  So  call  CDW  today,  we'll  help  it  all  come  together. 


CDW.com  800.399.4CDW 


The  Right  Technology.  Right  Away. 


Offer  subject  to  CDW's  standard  terms  and  conditions  of  sale,  available  at  CDW.com.  ©2008  CDW  Corporation 
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INTERVIEWS,  THE  COOLEST  TOOLS  AND  MORE 
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Google  Chrome  is 
shiny,  but  needs 
some  polish 

Jason  Meserve  takes  a 
quick  look  at  the  new 
Google  Chrome  brows¬ 
er  and  tells  you  what  he 
likes,  and  where  it 
needs  some  work. 

www.nwdocfinder.com/6540 


Sights  and  sounds 
from  IFA 

More  videos  and  high¬ 
lights  from  the  con¬ 
sumer  electronics  show 
in  Berlin. 

www.nwdocfinder.com/6541 


Wii  board  becomes 
PC  peripheral 

At  the  German 
Research  Center  for 
Artificial  Intelligence 
software  engineers  took 
a  Wii  balance  board  and 
hooked  it  up  to  a  PC  to 
create  an  alternative 
input  device. 

.nwdocfinder.com/6542  J 
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AT&T  halts  CallVantage  VoIP, 
future  uncertain  for  customers 


BLOGOSPHERE 


■  Taking  the  crow  bar  to  Chrome. 

Network  World  bloggers  have  been  weighing 
in  with  mostly  negative  feedback  on  Google’s 
new  browser,  Chrome.  The  App  Performance 
View  team  of  bloggers,  Peter  Sevcik  and 
Rebecca  Wetzel,  say  that  Chrome  Creates 
Performance  Measurement  “Blind  Spot”; 
Windows  into  Silicon  Valley  blogger  Alex 
Lewis  says  that  Google  Chrome  can’t  handle 
Outlook  Web  Access;  The  Google  Subnet 
blog  says  that  Chrome  may  be  insecure  by 
design?;  Buzzblog  says  that  Google’s  entry 
into  the  browser  game  may  fail  but  was  still 
an  opportunity  it  couldn’t’  afford  to  pass  by. 
www.nwdocfinder.com/6531 

■  Server  2008  TechNet  Virtual  Labs. 

Glenn  Weadock  writes  in  his  Windows  Server 
2008  blog,  “In  a  recent  class  I  was  teaching  on 
Server  2008,  one  of  my  students  kindly  alert¬ 
ed  me  to  a  TechNet  resource  I  hadn’t  yet 
experienced:  the  virtual  labs.  I  decided  to 
take  a  look.  After  logging  in  with  my  Micro¬ 
soft  ID  and  filling  in  the  user  profile  informa¬ 
tion  that  I  have  now  filled  in  approximately 
2,350  times,  I  clicked  the  button  to  launch  the 
virtual  lab,  and  was  immediately  taken  to  — 
the  user  profile  information  form  that  I  have 
now  filled  in  approximately  2,351  times! 
www.nwdocfinder.com/6532 

■  Convergence  revolutionizes  financial 
Services.  Matthew  Nickasch  writes  in  his 
Considering  Convergence  blog,  “Let’s  focus 
on  a  specific  and  very  demanding  portion  of 
the  financial  services  market:  heavy-volume 
trading. Trading  environments  require  robust 
communications  networks,  not  only  for  data, 
but  for  voice  as  well.  Previously,  these  envi¬ 
ronments  utilized  specialized  switching 
equipment  and  end-user  ‘turrets’  to  com¬ 
bine  together  hundreds  if  not  thousands  of 
trunks,  private  lines,  ringdown  circuits,  etc. 
Why  hasn’t  this  industry  moved  towards 
convergence  in  the  last  five  years?  Honestly, 
it  was  still  an  issue  of  reliability,  and 
TDM/digital  architectures  weren’t  subject 
to  the  headaches  of  an  IP  network.” 
www.nwdocfinder.com/6534 

■  Should  Cisco  tee  up  Qlogic  and  Silver 
Peak?  In  his  Brad  Reese  on  Cisco,  Reese 
writes,  “  With  Cisco  this  year  having  made 
only  a  fraction  of  the  number  of  acquisitions 
it  made  last  year,  the  networking  giant  looks 
poised  to  pick  up  some  more  companies 
before  the  end  of  the  year,  believes  RBC 
Capital  Markets  Managing  Director  Mark 
Sue,  who  suggests  Cisco  should  be  eyeing 
up  storage  maker  QLogic  and  WAN  acceler¬ 
ation  company  Silver  Peak  Systems.” 
www.nwdocfinder.com/6533 


Convergence  &  VoIP:  AT&T  recently 
stopped  offering  its  CallVantage  VoIP  service 
to  new  subscribers.  With  no  official 
announcement,  online  shoppers  for  the  ser¬ 
vice  were  greeted  with  a  message  thanking 
would-be  customers  for  their  interest  and  not¬ 
ing  that  the  company  is  not  currently  accept¬ 
ing  new  orders  for  the  VoIP  service.The  deci¬ 
sion  affects  both  the  consumer  and  SMB  ver¬ 
sions  of  the  service.  AT&T  will  continue  to  pro¬ 
vide  CallVantage  to  existing  customers, 
although  it  has  not  disclosed  what  will  hap¬ 
pen  when  an  existing  customer  wants  to 
move  or  change  their  current  service.  AT&T 
had  already  stopped  actively  marketing 
CallVantage  within  its  local  footprint  about  a 
year  ago,  but  in  January  this  year  it  launched 
AT&T  U-verse  Voice.  Available  in  more  than  20 
metro  areas,  AT&T  U-verse  Voice  is  the  first 
commercial  product  in  the  United  States  to 
be  based  on  an  IMS  platform. 
www.nwdocfinder.com/6536 

Wireless:  The  IEEE  recently  ratified  the  long- 
awaited  802. 1  lr  standard  for  fast  handoff,  offi¬ 
cially  named  Fast  Basic  Service  Set  Transition. 
802.1  lr,  in  development  for  four  years,  is  a  key 
component  to  solving  the  performance  chal¬ 


lenges  associated  with  VoIP  overWi-Fi  in  large- 
scale  networks. 802. llr  reduces  handoff 
delays  associated  with  802.  IX  authentication 
by  shortening  the  time  it  takes  to  reestablish 
connectivity  after  a  client  transitions  from  one 
802.1 1  access  point  to  another  while  roaming. 
www.nwdocfinder.com/6537 

Unified  communications:  A  reader  of  a 
recent  newsletter  article  disagreed  with  my 
comment  about  unified  communications  that 
read  “perhaps  the  first  step  should  be  to  adjust 
the  culture  to  fit  the  technology  —  you’re  like¬ 
ly  to  be  less  successful  if  you  try  to  use  tech¬ 
nology  to  change  your  corporate  culture."  His 
contention  was  that  technology  should  not 
be  used  to  try  and  change  people  or  the  way 
they  work.To  some  extent,  I  agree  with  him. 
Using  technology  to  change  corporate  culture 
is  going  to  be  fraught  with  difficulty  for  CIOs, 
line-of-business  managers  and  others  who 
attempt  to  change  peoples  attitudes  and 
work  habits  by  imposing  some  new  technolo¬ 
gy  on  them.  If  the  change  is  too  radical,  peo¬ 
ple  will  resist  and  so  will  be  less  productive, 
and  the  company’s  investment  in  the  technol¬ 
ogy  will  be  lost. 

www.nwdocfinder.com/6538 
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»  Problems  piling  up?  The  crush  of  complicated  legacy  data  centers  —  the  multiple 
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break  free  with  Juniper  Networks.  Meet  all  your  immediate  and  long-term  initiatives 
through  a  simplified,  sustainable,  scalable  architecture  —  so  your  business  grows, 
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Companies  spend  millions  of  dollars  on  energy  to  store  their  information.  A  problem  that 
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Researchers  build 
malicious  Facebook  app 

Researchers  have  built  a  malicious  Facebook  program  in  an  experiment  to 
demonstrate  the  possible  dangers  of  social  networking  applications.  The 
application,  called  Photo  of  the  Day,  serves  up  a  new  National  Geographic 
photo  daily  But  every  time  the  application  is  clicked,  it  sends  a  600KB  HTTP 
request  for  images  to  a  victim’s  Web  site,  enabling  a  denial-of-service  attack.  The 
experiment  shows  the  ease  with  which  attackers  could  dupe  users  into  down¬ 
loading  a  seemingly  harmless  application  that  actually  performs  a  clandestine 
attack.  Facebook  and  other  sites,  such  as  MySpace,Bebo  and  Google,  are  creating 
technology  platforms  that  let  third-party  developers  build  applications  to  run  on 
those  sites,  which  has  prompted  worries  over  how  those  applications  could  be 
used  for  spam  or  to  steal  personal  data.  The  researchers’ study  was  published  by 
the  Foundation  for  Research  and  Technology  and  the  Institute  for  Infocomm 
Research,  www.nwdocfinder.com/6544 


Samsung  eyes  possible  acquisition  of 
SanDisk.  Samsung  is  eyeing  a  possible 
acquisition  of  memory  chip-maker  SanDisk. 
The  company,  which  is  the  world’s  largest 
computer  memory  maker  in  the  world,  said 
it  was  “considering  various  opportunities” 
with  regard  to  SanDisk  “but  nothing  has 
been  decided  yet.’The  comment  follows  a 
report  that  Samsung  had  engaged 
JPMorgan  Chase  to  advise  on  a  SanDisk 
acquisition.  SanDisk  has  close  ties  to 
Samsung-rival  Toshiba,  and  the  two  jointly 
operate  Flash  memory  production  facto¬ 
ries.  They  also  closely  cooperate  on  the 
design  and  development  of  memory  chips, 
so  an  acquisition  by  Samsung  could  mean 
big  competitive  changes  in  the  memory 
chip  market. The  acquisition  buzz  comes  as 
Samsung  and  SanDisk  are  battling  each 
other  in  court  over  the  April  2006  termina¬ 
tion  of  a  patent  licensing  agreement. 
www.nwdocfinder.com/6545 

IT  hiring  to  rise  slightly.  A  new  study  of 
more  than  1,400  U.S.CIOs  found  that  11% 
plan  to  hire  additional  staff  in  the  fourth 
quarter  of  this  year,  while  3%  expect  cuts.The 
net  8%  result  fell  short  of  the  10%  projected 
last  quarter,  according  to  IT  staffing  firm 
Robert  Half  Technology  The  number  of  help 
desk  and  tech-support  jobs  is  expected  to 
grow  the  most. The  top  skill  in  demand  is  net¬ 
work  administration,  which  was  cited  by  70% 
of  respondents.  Windows  Server  2000  and 
2003  administration  and  desktop  support 
came  next,  both  cited  by  69%  of  respondents. 
In  a  related  finding,  the  need  for  additional 
customer  support  was  the  top  driver  behind 
hiring  plans,  cited  by  25%  of  respondents.lt 
edged  out  business  growth,  which  was  cited 
by  23%  of  respondents.  Installing  or  creating 
new  applications  drew  21%. 
www.nwdocfinder.com/6546 


OLPC’s  dual-boot  Linux,  Windows  lap¬ 
top  due  out  soon.  A  low-cost  XO  laptop 
from  the  One  Laptop  Per  Child  project  that 
carries  both  Windows  and  Linux  will  be  out 
within  the  next  month  or  so,  according  to  an 
OLPC  official. The  device  will  let  users  boot 
up  the  operating 
system  they  prefer, 
either  Microsoft 
Windows  XP  or 
the  Linux-based 
Sugar  operating 
system  originally 
found  on  the  XO. 

The  device  is 
important  to  the 
spread  of  the  XO 
around  the  world. 

OLPC  started  as  an 
attempt  to  build  a 
$100  laptop  and  to  work  with  governments  to 
pass  them  out  to  children  in  poor  nations.  But 
some  governments  have  said  they  don’t  want 
the  XO  laptop,  no  matter  how  inexpensive  it 
is,  unless  it  has  Windows. 
www.nwdocfinder.com/6547 

Verizon  offers  free  DSL  for  up  to  six 
months.  Verizon,  following  a  quarter  when  it 
lost  133,000  DSL  customers,  has  rolled  out  an 
offer  of  up  to  six  months  of  free  DSL  with  a 
yearlong  contract.Verizon’s  entry-level  DSL 
service,  with  download  speeds  of  up  to 
768Kbps,  will  be  free  for  the  first  six  months 
for  Verizon  telephone  customers  who  sign  up 
for  a  year. The  service  will  then  revert  to  its 
current  $19.99-per-month  price. Verizon’s  high¬ 
er-speed  3Mbps  DSL  service  will  be  free  for 
six  months  to  Verizon  telephone  customers, 
and  $29.99  per  month  after  that.  People  who 
aren’t  Verizon  telephone  customers  can  get 
one  month  of  free  DSL  service  with  a  one- 
year  contract.  AT&T  has  also  recently  repriced 


its  DSL  offerings.  AT&T’s  basic  DSL  package  is 
now  priced  at  $19.95  a  month  for  1.5Mbps  of 
download  speed,  $20  less  than  the  old  rate. 

www.nwdocfinder.com/6548 

Comcast  appeals  FCC  order.  Comcast 
has  filed  a  court  appeal  of  an  FCC  ruling  last 
month  saying  the  broadband  provider  could¬ 
n’t  delay  some  peer-to-peer  traffic  on  its  net¬ 
work. The  FCC,  on  Aug.  1,  voted  3-2  to  prohibit 
Comcast  from  slowing  BitTorrent  peer-to-peer 
traffic  in  an  effort  to  reduce  network  conges¬ 
tion.  Commissioners  voting  against  Comcast 
said  the  traffic  throttling  violated  FCC  net 
neutrality  principles.  Comcast  last  week 
asked  the  U.S.  Court  of  Appeals  for  the  District 
of  Columbia  Circuit  to  review  the  decision, 
saying  the  commission  had  no  hard  rules 
against  the  company’s  network  management 
practices.  The  FCC’s  net  neutrality  principles, 
adopted  in  2005,  set  out  general  guidelines, 
but  no  specific  prohibitions,  Comcast  said. 
www.nwdocfinder.com/6549 

Oracle  buys  ClearApp  for  S0A  manage¬ 
ment.  Oracle  plans  to  buy  ClearApp, 
maker  of  software  for  managing  the  perfor¬ 
mance  of  composite  applications  in  ser¬ 
vice-oriented  architecture  environments, 
the  company  announced  last  week. 
SOA  environments  introduce  a  level 
of  complexity  that  can  make  it  hard 
to  nail  down  the  source  of  perfor¬ 
mance  problems  or  pinpoint  the 
effect  of  component  changes. 
ClearApp’s  software  automatically 
discovers  application  components 
and  their  dependencies  at  runtime 
and  monitors  performance,  accord¬ 
ing  to  Oracle.  It  will  work  alongside 
Oracle’s  Enterprise  Manager  plat¬ 
form.  The  deal  is  expected  to  close 
later  this  year.  Terms  were  not  dis¬ 
closed.  www.nwdocfinder.com/6550 

Green  IT  efforts  stymied  by  lack  of 
funds.  CIOs  and  senior  IT  executives  lack 
the  “green"  to  go  green  even  though  they 
overwhelmingly  believe  that  a  more  en¬ 
ergy-efficient  data  center  will  become  mis¬ 
sion-critical,  according  to  a  recent  survey 
conducted  by  switch-maker  Voltaire. 
Seventy-six  percent  of  executives  queried 
do  not  have  a  committed  budget  for  a 
green  policy,  even  though  90%  believe  that 
greening  their  data  centers  will  be  crucial 
to  meeting  their  companies’  business 
objectives  in  2009,  according  to  the  survey. 
In  addition,  57%  said  they  believe  going 
green  will  give  their  company  a  competi¬ 
tive  advantage.  Reducing  power  and  cool¬ 
ing  costs/requirements  was  ranked  by  52% 
of  the  respondents  as  the  most  important 
benefit  gained  by  going  green  in  the  data 
center. 

www.nwdocfinder.com/6551 
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How  will  Google's  Chrome 
shine  in  the  enterprise? 


BY  JOHN  FONTANA 

Now  that  Google  has  its  Chrome  browser 
available  in  beta,  the  question  is:  Will  it  shine  in 
corporate  environments? 

Observers  are  reminding  themselves  that  this 
is  just  a  beta  —  in  fact,  a  beta  by  Google’s  own 
admission  that  doesn’t  have  the  breadth  of  fea¬ 
tures  to  match  current  browsers.  But  the  fea¬ 
tures  it  does  have  are  fueling  thoughts  about 
where  the  browser  is  or  should  be  headed  in  a 
time  when  the  notion  of  online  applications  is 
coming  of  age. 

Key  to  Chrome  is  the  V8  JavaScript  engine 
designed  to  run  Google’s  services/applications 
and  other  online  AJAX-based  applications  like 
they  are  desktop  programs.  There  also  is  the 
client’s  browser  tabs  that  operate  as  separate 
processes  and  could  help  crash  protect  the 
software  as  a  whole  and  cement  it  as  a  stable 
client  for  online  business  applications. 

Google  said  Chrome  will  provide  more 
speed,  stability  and  security  for  Web  users, 
and  will  be  combined  with  Google  Gears, 
which  allows  users  to  take  Web-based  appli¬ 
cations  offline. 

Chrome  also  is  fueling  talk  about  where 
Google  itself  is  headed.  Some  say  Google’s 
effort  may  be  as  much  proof-of-concept  as 
future  product  in  terms  of  showing  Microsoft, 
Mozilla,  Apple  and  others  what  can  be  done, 
and  prodding  them  to  upgrade  their  own 
browser  software. 

Still  others  believe  there  will  eventually  be  a 
showdown  with  Microsoft  and  a  Google  end- 
run  at  building  an  enterprise  computing  busi¬ 
ness.  Clearly  Chrome  could  not  have  been 
timed  better  to  coincide  with  Microsoft’s  Beta  2 
release  of  Internet  Explorer  8,  a  juxtaposition 
that  Google  explained  as  a  inadvertent  leak  of 
a  comic  book  trumpeting  the  browser’s  virtues. 

“Google  has  generated  a  lot  of  excitement,” 
says  Forrester  Research  analyst  Sheri  McLeish. 
“But  it  is  a  beta  and  from  an  enterprise  per¬ 
spective  it  is  not  ready  for  serious  considera¬ 
tion  as  a  replacement  for  IE.” 

McLeish  says  anybody  who  thinks  Microsoft 
doesn’t  know  what  is  at  stake  with  cloud  com¬ 
puting  on  the  horizon  and  doesn’t  know  how 
to  compete  accordingly“is  not  based  in  reality’ 

The  infighting,  however,  will  be  good.  Google, 
she  says,  is  innovative  and  “anyone  developing 
a  browser  needs  to  keep  pace,  and  that  will 
drive  better  features  that  will  benefit  users  and 
consumers  alike.” 

On  the  competitive  front,  Google  certainly 
has  been  making  inroads  on  Microsoft’s  turf  in 
the  form  of  online  productivity  applications 
and  other  services,  such  as  Google  Earth,  that 
are  finding  their  way  into  corporate  applica¬ 
tion  mashups. 


In  addition,  Google  and  IBM  earlier  this  year 
unveiled  a  cloud  computing  environment  they 
are  testing  at  the  Massachusetts  Institute  of 
Technology  Stanford  University  and  Carnegie 
Mellon  University  It  runs  on  Linux  and  includes 
Xen  virtualization  and  an  Apache  implementa¬ 
tion  of  the  Google  File  System  called  Hadoop. 

While  future  plans  were  not  disclosed,  the 
pair  said  the  cloud  would  eventually  be  used 
to  support  an  array  of  services  and  applica¬ 
tions  tailored  for  consumers  and  businesses. 

Microsoft  has  been  developing  its  own  cloud 
environment  called  Live  Mesh,  which  it  plans 
to  update  in  October  at  its  Professional 
Developers  Conference. 

But  Chrome  won’t  be  the  straw  that  breaks 
the  camel’s  back  if  Google  sows  a  desire  to  bat¬ 
tle  Microsoft  in  the  enterprise,  observers  say 

“Chrome  is  just  one  of  many  blocks  they 
would  need  to  be  put  in  place  to  offer  enter¬ 
prise  applications,”  says  Guy  Creese,  an  analyst 
with  Burton  Group.  “There  are  enterprise 
requirements  that  have  not  even  been  fixed  in 
Google  Apps  Premier.  There  is  no  real  records 
management  for  documents,  and  they  have 
pretty  lousy  support  for  e-mail  distribution  lists.” 

Creese  also  says  that  he  is  not  sold  on  the  fact 
that  the  browser  will  be  the  focal  interface  for 
cloud  computing  down  the  road. 

“I  believe  Adobe  Air  and  [Microsoft] 
Silverlight  may  become  the  [user  interfaces]  of 
the  future,”  he  says. 

But  Chrome  is  not  all  questions  —  it  does 
have  some  answers,  Creese  says.“It  is  clear  that 
people  are  running  into  trouble  with  AJAX. 
Either  the  JavaScript  is  slow  or  it  is  a  pain  to  test 
on  all  the  browsers,”  he  says.“Chrome  is  a  way 
to  make  this  work  better.  If  Google  makes 
Chrome  run  better  they  can  show  Microsoft 
and  Mozilla  that  it  can  be  done.” 

And  it  is  that  kind  of  contribution  to  the  evo¬ 
lution  of  the  browser  where  others  see  Chrome 
providing  the  most  good.  “All  those  Web  apps 
from  Google  make  extensive  use  of  the 
JavaScript,”  says  Ray  Valdes,  research  director  at 
Gartner.’The  Google  apps  push  the  envelope  of 
the  modern  browser.  So  now  Google  is  offering 
a  better  envelope.” 

Mozilla  CEO  John  Lily  on  his  blog  welcomes 
Chrome  and  says  it  should  result  in  innova¬ 
tion.  Google  is  expanding  on  browser  themes 
developed  over  the  past  year,  including 
JavaScript  performance,  security  and  user 
interfaces,  he  says.  Collaborations  between 
Mozilla  and  Google  will  continue  on  the  tech¬ 
nical  side,  such  as  the  Breakpad  crash-report¬ 
ing  system;  and  on  the  product  front,  which 
has  produced  such  things  as  antiphishing  and 
malware  advancements  now  built  into 
Firefox,  he  says.  ■ 


Microsoft  to  release  four 
critical  patches 

Microsoft  will  release  four  critical  updates 
to  several  software  packages  on  Tuesday. 
The  patches  include  fixes  for  a  vulnerability 
that  allows  remote  code  execution  in 
Windows  Media  Player  11  on  various 
Microsoft  operating  systems  and  for  a  vul¬ 
nerability  that  allows  remote  code  execution 
in  various  versions  of  the  Windows  operat¬ 
ing  system  and  related  products,  including 
2003  Server,  Vista,  XP,  Office,  .Net 
Framework,  Works,  Visual  Studio  and  Visual 
FoxPro. The  two  other  patches  will  address 
remote  code  execution  in  Windows  Media 
Encoder  9  and  in  Office  and  Office  OneNote 
2007.  On  last  month’s  Patch  Tuesday, 
Microsoft  released  12  updates,  with  seven 
of  them  critical.The  company  released  five 
critical  patches  in  July  and  three  in  June. 

Novell  unites  security  wares 

Novell  last  week  launched  its  Compliance 
Management  Platform,  a  combination  of 
existing  identity  management  and  security- 
event  management  products  with  additional 
reporting  and  analysis  tools.The  platform, 
which  costs  $99  per  user,  includes  Identity 
Manager  3.6  integrated  with  Novell's  SEM 
product,  Sentinel  6.1. The  goal  behind  inte¬ 
grating  the  two  existing  server- based  prod¬ 
ucts  is  to  make  sure  provisioning  and 
access  control  is  a  monitored  activity  kept 
in  conformance  with  business  security  poli¬ 
cy.  It  will  give  IT  managers  a  source  for 
real-time  monitoring  of  all  identity  reposito¬ 
ries  and  allow  for  compliance  report  gener¬ 
ation  on  the  fly,  according  to  Novell.The 
Compliance  Management  Platform  comes 
with  several  predefined  policy  templates 
and  includes  Sentinel's  software  connectors 
for  centralizing  security-event  information 
from  hundreds  of  sources. 

Sony  recalls  73,000  Vaio 
laptops  due  to  burn  hazard 

Sony  is  recalling  73,000  VaioTZ  laptops 
because  of  a  possible  manufacturing  defect 
that  may  cause  them  to  overheat,  the  U.S. 
Consumer  Product  Safety  Commission  said 
last  week.The  recall  relates  to  a  problem 
with  wiring  near  the  computer’s  hinge, 
which  could  short-circuit  and  overheat  in 
certain  circumstances,  potentially  burning 
the  user.The  affected  models  are  the  VGN- 
TZ100,  VGN-TZ200,  VGN-TZ300  and  VGN- 
TZ2000  —  although  not  all  laptops  in  these 
series  are  affected.  Sony  suggests  users 
contact  the  company  to  see  whether  their 
computer  is  part  of  the  recall. 
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LEANER. 

MEANER. 

GREENER. 

Twentieth-century  datacenters  simply  weren’t  built  to  handle  the  demands  of  twenty-first 
century  business.  With  these  hardwired,  high-density  computing  environments,  we’ve  inherited 
inefficiency,  complexity  and  ever-increasing  power  and  cooling  costs.  Businesses  need  a 
new  approach.  IBM’s  New  Enterprise  Data  Center  is  a  vision  for  the  highly  efficient,  greener-by¬ 
design,  business-driven  IT  model  you’ll  need  for  tomorrow.  This  isn’t  some  far-off  theory. 
IBM  is  already  working  with  over  2,000  clients  to  help  make  this  vision  a  reality.  A  greener 
world  starts  with  greener  business.  Greener  business  starts  with  IBM. 

SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

See  our  Webcast  about  greener  datacenters  at  ibm.com/green/datacenter 
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NEWS  ANALYSIS 


‘Distributed  Web’  all  the  rage 

At  DEMO:  Software  to  allow  for  more  collaboration,  group  decision-making 


DEMO 


BY  BRAD  REED 

DEMO  executive  producer  Chris  Shipley  isn’t 
sure  what  to  call  the  evolution  of  Web  2.0  soft¬ 
ware  and  applications,  but  she  is  sure  of  one 
thing:  It  shouldn’t  be  called  Web  3.0. 

“If  anything,  1  think  I’d  call  it  the  ‘distributed 
Web,”’  says  Shipley,  whose  DEMOfall  ’08  con¬ 
vention,  a  Network  World  event,  kicks  off  in  San 
Diego  this  week.  “It’s  different  from  the  tradi¬ 
tional  Web  because  it’s  really  not  about  attract¬ 
ing  people  to  individual  Web  sites  but  about 
distributing  information  and  applications  to 
Web  sites  and  devices  where  people  are 
accessing  and  consuming  information.” 

As  Shipley  tells  it,  the  distributed  Web  will  be 
a  game-changer  for  content  creators,  advertis¬ 
ers  and  consumers  because  it  primarily  will 

push  content  out 
to  users  on  their 
personal  com¬ 
puters,  cell 
phones  or  con¬ 
sumer-electron¬ 
ics  gadgets.  The  result  will  be  an  increase  in 
more-collaborative  computing  that  will  allow  a 
greater  number  of  users  to  make  direct  deci¬ 
sions  in  corporate  projects,  and  not  have  to  rely 
on  typical  top-down  approaches  where  only 
project  managers  get  to  call  the  shots,  she  says. 

So,  with  an  eye  on  new 
distributed-Web  technolo¬ 
gies,  here’s  a  look  at  some  of 
the  enterprise  products  that 
will  be  on  display 

Lanxoma:  In  response  to 
the  well-established  reality 
of  the  inside  threat,  Unity 
Solutions  has  developed 
Lanxoma,  a  surveillance 
system  that  monitors  and 
records  every  action  done 
by  IT  employees.  According  to  the  company,  it 
lets  management  review  IT  workers’  every 
move  in  real  time.  Lanxoma  is  supposed  to  pro¬ 
vide  incentives  against  IT  workers’  defrauding 
their  companies,  and  it  gives  corporate  man¬ 
agers  the  tools  to  “stop  fraud  before  it  hap¬ 
pens”  DEMO  says. 

SkyData:  This  application  lets  companies 
send  corporate  data  to  employees’  mobile 
devices  on  demand. The  application’s  key  fea¬ 
ture  is  that  it  keeps  data  within  the  cloud  to  be 
pushed  out  to  devices,  instead  of  requiring 
employees  to  log  on  to  a  Web  browser  to 
extract  it.  In  other  words,  SkyData  is  a  distrib¬ 
uted-Web  application  that  brings  data  to  users 
rather  than  having  users  get  data  themselves. 

“We’ve  seen  a  lot  of  attempts  for  [moving] 
data  integration  out  to  mobile  devices, and  this 
is  the  first  one  that  starts  to  really  get  it  right,” 
Shipley  says.  “It’s  outside  the  Web  browser, 


^ ^  [It’s  about]  distributing  information  and  appli¬ 
cations  to  Web  sites  and  devices  where  people 
are  accessing  and  consuming  information.55 
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Chris  Shipley 

Executive  producer,  DEMO 


which  means  data  can  be  moved  more  di¬ 
rectly  into  the  application  space.” 

SkyData  integrates  several  sources  of  infor¬ 
mation,  including  CRM,  social  networks,  and 
back-office  and  business  profiles. 

PlanDone:  The  idea  behind  project-planning 
software  PlanDone  is  to  distribute  decision¬ 
making  capabilities  better  to  a  wide  group  of 
users  and  to  give  them  more  visibility  into  how 
projects  are  being  executed. To  promote  trans¬ 
parency, the  software  has  a  built-in  open  source 
wiki-style  system  to  document  a  project’s 
progress  and  changes  in  its  goals;  it  even  has  a 
task-ranking  system  that  assigns  priorities  to 
tasks  according  to  their  deadlines. 

“PlanDone  creates  a  collaborative  system 
that  lets  all  members  of  a  work  team  define, 
manage  and  complete  tasks  in  a  way  that  has 
a  lot  of  accountability  to  the  work 
group,”  Shipley  says.  “It’s  an  opportunity 
for  every  part  of  the  business  to  under¬ 
stand  how  project  plans  develop,  and 
also  to  communicate  changes.” 

Quantivo:  This  customer-analytics  sys¬ 
tem  is  designed  to  provide  real-time 
analytics  to  customers,  as  well  as  to 
enable  them  to  correlate  events  and 
search  for  trends.  So,  for  instance,  if  a 
hardware  store  in  Cleveland  is  selling 
significantly  more  white  paint  than  a 
hardware  store  in  Cincinnati,  the  Quantivo  sys¬ 
tem  will  let  users  look  at  what  else  customers 
are  purchasing  along  with  white  paint  as  com¬ 
plementary  goods,  Shipley  says.  If  there  are  cor¬ 
relations  between  purchases  of  white  paint 
and  other  goods,  the  store  then  might  want  to 
have  a  promotional  sale  packaging  the  goods 
together,  she  says.  In  addition,  because 
Quantivo  is  a  software-as-a-service,  it  can  de¬ 
liver  high-quality  analytics  to  customers  at  a 
more  attractive  price  than  traditional  data-ana- 
lytics  systems  can,  she  says. 

Personal  Fortress:  This  data  protection  and 
encryption  service  from  Fortressware  acts  as  a 
data  wrapper  that  places  restrictions  on  how 
data  can  be  shared  within  an  organization, 
Shipley  says.  For  example,  if  a  user  is  forwarded 
an  e-mail  with  a  restrictive  file  attached,  Per¬ 
sonal  Fortress  lets  the  sender  restrict  the  recip¬ 
ient’s  ability  to  forward  the  e-mail  to  other  users 


or  even  to  copy  and  paste  its  contents  for 
reproduction.  The  data-protection  restrictions 
travel  along  with  the  data  as  its  being  sent,  thus 
making  it  more  difficult  for  the  data  to  leak  out. 

TetraBase  SDT:  As  a  data  management  sys¬ 
tem,' TetraBase  SDT  uses  pre-  and  co-processing 
technology  to  help  companies  coordinate 
their  database  systems.TetraBase  SDT“analyzes 
the  rules  of  the  data  —  why  it  is  being  used, not 
just  that  it  is  being  used  —  to  intelligently  man¬ 
age  the  flow  of  data,”  DEMO  says.  The  goal  of 
the  system  is  to  improve  response  times,  to 
relieve  the  storage  sprawl  caused  by  high  data 
loads  and  to  get  rid  of  bandwidth  bottlenecks 
clogging  the  network. 

“TetraBase  is  really  about  how  we  can  work 
with  data  to  provide  more  real-time  answers  to 
business  questions,”  Shipley  says.“When  you’re 
dealing  with  massive  volumes  of  information, 
TetraBase  can  do  analytics  for  you  in  a  much 
faster  way’ 

ioSAN:  Described  as  “the  world’s  first  net¬ 
worked  enterprise  solid  state  drive  (SSD),” 
Fusion-io’s  ioSAN  is  a  storage  product  that  uses 
a  standards-based,  memory-speed  protocol 
over  either  10  Gigabit  Ethernet  or  40GBps 
Quad  Data  Rate  InfiniBand  to  share  memory 
space  between  servers.  In  other  words,  ioSAN 
lets  users  create  a  full-power  storage-area  net¬ 
work  using  an  off-the-shelf  server. 

“With  this  development,  everything  you 
thought  you  knew  about  SSD  and  storage  net¬ 
working  is  no  longer  true,”  says  Fusion-io  CTO 
David  Flynn.“The  ioSAN  fuses  SSD  with  storage 
networking,  combining  the  best  of  direct- 
attached  and  storage  networking  with  the  best 
of  SSD  and  traditional  storage."® 


ONLINE:  More  DEMO  online 

There’s  much  more,  including  our  slide 
show  —  "15  cool  new  technologies  at 
DEMOfall  ’08"  —  that  features  start¬ 
ups  offering  new  ways  to  watch  televi¬ 
sion,  create  music,  manage  money  and 
even  decipher  media  spin. 

www.nwdocfinder.com/6552 
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Brands  that  have  revolutionized  online 
business  have  one  thing  in  common... 


Akamai,  Enabling  the  Revolution 


BURGER  KING-  serves  over  1 1  million  guests  a  day, 
worldwide  —  in  1 1,455  restaurants  in  70  countries.  The 
performance  and  availability  of  its  online  SAP®  portal  is 
critical  to  corporate,  partner  and  franchisee  operations. 
From  ordering  buns  to  conducting  real-time  labor 
scheduling  to  interoffice  communications,  Akamai's 
services  have  enabled  the  'HOME  OF  THE  WHOPPER®' 
to  revolutionize  its  global  Web  applications. 


A  lot  can  happen  in  ten  years.  Especially  with  Internet 
technology  that's  revolutionizing  virtually  every  facet 
of  business.  New  sales  channels.  New  applications  and 
business  processes.  In  our  first  ten  years,  Akamai  has 
helped  the  world's  leading  businesses  become  the 
world's  leading  online  businesses.  And  we're  just 
getting  started. 

Learn  more  at  www.akamai.com/10y.ears  '  - 
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Immature  management  approach 

A  survey  of  nearly  630  enterprise  IT  managers  shows  that 
managing  virtual  environments  remains  anyone’s  game. 

Which  of  the  following  best  describes  the  management  software 
that  you  are  currently  using  in  your  virtual  environment? 


Other  1% 


Fully  manual, 
no  management 
tools  9% 

Purpose-built 
virtualization 
tools  10% 

Purpose-built 
physical/virtual 
tools  14% 

Standard  physical 
management  tools  17% 


Bundled 
virtualization 
vendor  tools  29% 


Add-on 
virtualization 
vendor  tools  20% 


SOURCE:  ENTERPRISE  MANAGEMENT  ASSOCIATES.  APRIL  2008 


Virtualization 

continued  from  page  1 

tools  to  help  them  gain  con¬ 
trol  of  their  virtual  environ¬ 
ment  and  automate  tasks  as 
current  practices  become 
unsustainable.  For  instance, 
the  methods  used  to  man¬ 
age  configuration  or  patch 
distribution  to  10  physical 
boxes  will  become  unten¬ 
able  when  those  host  servers 
house  exponentially  more 
virtual  machines.  But  indus¬ 
try  watchers  warn  that  third- 
party  tools  that  support  vir¬ 
tual  environment  may  not 
yet  be  ready 

“There  is  still  much  work 
to  do  to  bring  the  manage¬ 
ment  of  virtual  server  envi¬ 
ronments  up  to  par  with  that 
of  a  traditional  physical 
environment,”  says  Cameron 
Haight,  research  vice  president  at  Gartner. 
“Areas  where  tools  are  still  evolving  range 
across  the  spectrum,  but  particularly  impor¬ 
tant  will  be  continuing  work  in  areas  such 
as  root-cause  analysis,  capacity  and  perfor¬ 
mance  planning,  chargeback  and  automa¬ 
tion.” 

A  handful  of  management  vendors  recently 
updated  their  portfolios  to  address  what  indus¬ 
try  watchers  have  pegged  as  must-have  capa¬ 
bilities  for  enterprise  IT  managers  responsible 
for  virtual  resources. 

HI?  via  its  technology  partnership  with 
VMware,  updated  several  management  and 
monitoring  software  applications  to  identify 
virtual  machines  and  inventory  the  operat¬ 
ing  systems  and  applications  running  on 
them  for  compliance  or  chargeback  capa¬ 
bilities. 

For  instance,  the  HP  Asset  Manager  with 
Discovery  and  Dependency  Mapping  prod¬ 
uct  automatically  discovers  virtual  environ¬ 
ments,  measures  the  usage  of  virtual- 
machine-installed  software  and  tracks 
license  compliance,  the  company  says.  HP 
SiteScope  can  determine  how  to  monitor 
performance  and  availability,  via  agent- 
based  or  agent-less  technologies. 
Considering  IT  managers  may  not  be  able 


NEWS  ALERTS 

Hate  hunting  for  stories  on  a  specific 
topic?  Let  the  news  come  to  you  with 
Network  World’s  latest  news  alerts 
with  focuses  on  security,  financials, 
standards,  trade  show  news  and  ven¬ 
dor-specific  news. 

www.nwdocfinder.com/1002 


to  install  an  agent  on  some  virtual 
instances,  the  company  says  it’s  critical  to 
be  able  to  gather  data  without  using  agents. 

In  addition,  HP’s  updates  enable  one  tool  to 
manage  both  physical  and  virtual  servers. 

“It  is  critical  to  manage  virtualization  in 
the  same  way  the  physical  environment  is 
managed.  It  should  not  be  separate  from 
other  management  efforts  because  that  lack 
of  coordination  will  cause  all  sorts  of  prob¬ 
lems  when  troubleshooting,  planning  for 
capacity  or  provisioning  resources,”  says 
Andi  Mann,  research  director  at  Enterprise 
Management  Associates. 

HP  competitor  BMC  also  announced  up¬ 
grades  across  its  product  suite.  BMC  updat¬ 
ed  its  Performance  Management  software 
with  enhanced  support  for  VM ware’s  Virtual 
Infrastructure  3  and  VMotion  as  well  as  the 
capability  to  monitor  the  virtual  infrastruc¬ 
ture,  guest  virtual  machines  and  applica¬ 
tions. 

The  management  software  maker  also 
tapped  its  RealOps  acquisition  to  provide 
run-book  automation  capabilities  specific 
to  VMware  environments.  Most  important, 
industry  watchers  say,  is  that  BMC  equipped 
its  software  to  relate  virtual  elements  and 
resources  to  the  overall  business  service  to 
help  IT  understand  how  performance  prob¬ 
lems  will  impact  critical  customer  or  user¬ 
facing  applications. 

“BMC  is  offering  performance  management, 
monitoring  of  availability  and  changes,  and 
tying  that  into  their  [business  service  manage¬ 
ment]  portfolio  —  what  is  critical  for  the  busi¬ 
ness  and  what  infrastructure  is  attached  to  this 
critical  business  service,  virtual  or  physical,” 
Forrester’s  Hubbert  says. 

Meanwhile,  the  management  heavyweights 
face  competition  from  virtual  systems  man¬ 
agement  start-ups  such  as  Embotics, 
Fortisphere  and  VKernel,  all  of  which  have 


made  product  enhancements  to 
showcase  at  VMworld.  For  their 
part,  Embotics  and  VKernel  sepa¬ 
rately  made  available  free  down¬ 
loadable  versions  of  their  soft¬ 
ware  offerings  to  help  IT  man¬ 
agers  get  started  with  the  technol¬ 
ogy 

Embotics’  V-Scout  application 
connects  to  VMware 
VirtualCenter  to  track  virtual 
machines  across  VMware  envi¬ 
ronments.  The  software  then 
populates  itself  with  custom 
data  in  VirtualCenter  and  gener¬ 
ates  reports  on  numerous  met¬ 
rics  such  as  disk  space  used, 
CPU  count  and  connection 
state.  VKernel’s  SearchMyVM 
download  provides  a  “Google- 
like”  interface  to  search  more 
than  75  attributes  across  virtual 
machines,  hosts,  clusters,  stor¬ 
age,  resource  pools,  files,  snap¬ 
shots,  VMware  tools,  applications 
and  configuration  information. 

Fortisphere  released  the  second  genera¬ 
tion  of  its  Virtual  Essentials  suite,  which  the 
vendor  says  enhances  its  policy-based  man¬ 
agement  applications  to  help  IT  managers 
better  understand  how  virtual  resources  are 
being  used.  The  software  lets  IT  managers 
set  policies  that  would  enable  virtual 
resources  to  be  decommissioned  or 
reclaimed  at  a  set  time,  preventing  IT  from 
deploying  more  resources  when  existing 
virtual  machines  are  being  underutilized. 
Virtual  Essentials  2.0  includes  capacity 
planning  capabilities,  according  to 
Fortisphere  CTO  and  principal  founder 
John  Suit,  which  “let  IT  managers  grow  their 
virtual  environments  without  doing  it  waste- 
fully” 

Industry  watchers  say  enterprise  IT  execu¬ 
tives  are  reaching  the  point  where  capacity 
planning  will  be  a  critical  discipline  to  master 
in  the  virtual  realm. 

“The  growing  density  ofVMs  and  the  increas¬ 
ing  virtualization  of  mission-critical  applica¬ 
tions  is  causing  many  IT  organizations  to  look 
anew  at  ways  to  do  better  resource  planning,” 
Gartner’s  Haight  says. “There  has  been  a  gener¬ 
al  perception  that  platforms  such  as  VMware 
can  help  alleviate  potential  performance  prob¬ 
lems  so  there  has  been  less  rigorous  attention 
paid  to  traditional  planning,  but  the  environ¬ 
ment  is  changing.”  ■ 


ONLINE:  Desktop  virtualization 
spotlight 

Microsoft,  Red  Hat,  HP,  Sun  all  made 
moves  to  bolster  virtualization  man¬ 
agement  and  application  offerings. 

www.nwdocfinder.com/6543 
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THE  FOUNDRY  INTELLIGENT  EDGE 
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a  comprehensive  management  tool  along  with  internal  and  external  threat  protection  ... 
leveraging  sFlow  to  deliver  an  extensive  suite  of  access  control  and  embedded  security 
features.  Our  full  complement  of  wired  and  IronPoint  Mobility  wireless  solutions  ensures 
that  your  business  is  not  Only  positioned  for  today,  it's  positioned  for  the  future.  And  thanks 
to  our  open  standards  approach,  you're  free  to  incorporate  best-of-breed  solutions  from 
other  leading  technology  vendors, 

Don't  take  our  word  for  it.  Visit  foundrynet.com/leader  to  see  why  industry  experts  _  _  _  _  _ 

and  more  than  1 5,000  customers  worldwide  recognize  Foundry  as  a  leader  in  enterprise  NETWORKS  a 
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NEWS  ANALYSIS 


How  carriers  batten  down  networks 


BY  BRAD  REED 

Needless  to  say,  hurricane  season  can  be  a 
stressful  time  for  telecom  carriers. 

How  stressful,  you  ask?  Well,  picture  what 
would  happen  if  the  multitude  of  hardhat- 
wearing  network  technicians  you  see  in  a  typi¬ 
cal  Verizon  commercial  got  swept  up  in  a 
“Wizard  of  Oz”-style  twister.  In  other  words, 
think  about  how  spread  out  telecom  carrier 
infrastructure  is  and  about  how  many  different 
bases  telcos  have  to  cover  to  protect  it  all  dur¬ 
ing  natural  disasters. 

“The  biggest  challenge  in  preparing  for  a 
storm  is  that  we  have  so  many  external  assets,” 
says  Steve  Butera, Verizon’s  director  of  business 
continuity  planning  and  emergency  manage¬ 
ment.^  you  look  at  Verizon  telecom,  we  have 
central  offices,  we  have  garage  work  centers, 
we  have  vehicles,  we  have  generators,  utility 
poles,  aerial  cables  and  remote  terminals. 
That’s  a  lot  of  physical  infrastructure  that’s 
exposed  in  a  wide  range  of  areas.” 

The  key  to  managing  this  sprawl  of  equip¬ 
ment  and  infrastructure  is  to  break  it  down  by 
region,  Butera  says.  In  Verizon’s  case,  each  area 
has  a  regional  command  center  that  is  respon¬ 
sible  for  safeguarding  its  own  equipment. 
Seventy-two  hours  before  a  storm  hits,  each 
command  center  in  the  affected  area  has  to 


Following  Hurricane  Katrina,  carriers 
have  stepped  up  their  emergency 
response  plans  in  an  effort  to  keep 
their  networks  up  and  running. 

report  on  how  prepared  it  is  for  the  storm. 

Basically,  Butera  says,  this  amounts  to  a 
checklist  of  tasks  that  each  command  center 
must  accomplish  for  its  region  to  be  consid¬ 
ered  secure.  In  the  case  of  the  recent 
Hurricane  Gustav,  this  meant  testing  emer¬ 
gency  generators,  ensuring  that  vehicle  fuel 
tanks  were  topped  off,  and  moving  loose  out¬ 
door  equipment  to  secure  locations. 

“From  a  real  estate  perspective,  we  have  to 
make  sure  that  all  our  buildings  have  been 


identified,  we  have  to  make  sure  that  their  roof 
drains  are  cleared  and  that  areas  that  require 
sandbagging  are  sandbagged,”  Butera  says.  “It’s 
very  much  along  the  lines  of  what  you’d  often 
see  on  the  news  for  what  people  are  doing  to 
prepare  their  own  homes.” 

Thomas  Pica,  the  executive  director  of  cor¬ 
porate  communications  for  Verizon  Wireless, 
says  the  preparation  for  the  wireless  network 
paid  off  last  week,  as  90%  of  Verizon’s  network 
was  up  and  running  the  day  after  the  storm  hit. 
Indeed,  Pica  says  the  company’s  backup 
capacity  was  so  strong  that  he  could  make 
successful  calls  to  areas  without  electricity 

“I  held  an  uninterrupted  wireless  conversa¬ 
tion  Wednesday  night  with  one  of  our  folks 
who  was  traveling  in  a  car  to  one  of  the  hard¬ 
est-hit  areas  south  of  New  Orleans,”  he  says.“He 
said  there  was  no  power  and  that  traffic  lights 
weren’t  working.” 

Verizon  isn’t  the  only  carrier  that  has  had  suc¬ 
cess  in  rapidly  restoring  its  network  services. 
AT&T  dispatched  nearly  2,000  employees  last 
week  to  assess  damage  caused  by  the  storm 
and  to  help  restore  service  to  affected  cus¬ 
tomers.  The  company  said  last  week  that  most 
of  its  services  hadn’t  been  impacted  by  the 
storm  and  that  the  only  big  service  outages 

See  Hurricane,  page  24 
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Comcast:  Unexplained  bandwidth  caps 


Comcast  is  in  the  news  again. Over  the  last 
few  months  it  seems  like  a  new  Comcast- 
related  story  has  broken  every  few  weeks 
—  all  of  them  quite  bad  news  for  the  service 
provider. The  PR  people  over  there  sure  must 
be  busy 

Recently  Comcast  let  it  be  known  that  it  was 
testing  a  mechanism  that  “slowed  down”  the 
traffic  of  heavy  users  of  its  high-speed  Internet 
service.  Around  the  same  time,  Comcast  settled 
with  the  Florida  Attorney  General  who  had 
charged  the  service  provider  with  not  properly 
disclosing  information,  such  as  customer  data  usage  caps. 

Neither  of  these  stories  received  much  press  coverage.  But  in  the  mid¬ 
dle  of  these  stories  came  another  about  Comcast  that  did  receive  a  lot 
of  attention  —  Comcast  announced  that  it  was  going  to  put  a  usage 
cap  of  250GB  per  month  on  all  residential  users.  Repeated  violations  of 
the  cap  could  get  a  customer  disconnected  for  a  year. 

After  a  bunch  of  fervor,  it  turned  out  that  Comcast  had  been  doing 
this  all  along.  But  this  was  the  first  time  it  was  actually  willing  to  tell 
anyone  what  the  limit  was  (this  willingness  just  might  be  related  to  the 
Florida  case). 

Comcast  has  not  said  why  it  has  a  usage  cap,  at  least  not  that  I  know 
of.  For  example,  its  FAQ  on  the  limits  does  not  include  a  “why”  question 
and  its  announcement  of  the  feature  does  not  say  why  it  is  doing  this. 
Comcast  has  implied  that  it  has  something  to  do  with  fighting  conges¬ 
tion  and  most  of  the  press  coverage  seems  to  assume  that  is  the  goal. 
But,  as  I’ve  written  before,  usage  caps  or  usage-based  fees  do  not,  and 
cannot,  have  anything  to  do  with  fighting  congestion. 

The  slowing  mechanism  that  Comcast  is  testing  is  directly  related  to 
fighting  the  effects  of  congestion.  According  to  published  reports, 


NET  INSIDER 

Scott  Bradner 


Comcast  is  not  actually  slowing  traffic  (as  the  headlines  would  have 
you  believe).  Instead,  in  times  of  congestion,  it  is  temporally  setting  a 
lower  priority  on  traffic  from  customers  that  have  been  judged  to  be 
receiving  or  sending  too  much  traffic  in  the  proceeding  few  minutes. 

This  will  slow  traffic  if  the  congestion  persists  because  some  of  the 
lower-priority  traffic  will  likely  be  dropped  when  the  router  buffers 
overflow  and  will  have  to  be  retransmitted,  which  takes  longer. 

If  a  usage  cap  is  unrelated  to  fighting  congestion  then  we  must  look 
at  other  reasons  for  Comcast  maintaining  such  a  cap.  It  is  possible  that 
the  corporate  powers-that-be  are  not  technically  cluefull,  acceptable 
lingo  enough  to  understand  that  a  cap  does  not  help  reduce  conges¬ 
tion.  But  Comcast  has  some  very  smart  people  working  for  it  who  I’m 
sure  understand  the  technology  so  the  powers  would  have  to  be  ignor¬ 
ing  their  own  people,  which  I  hope  is  not  the  case. 

It’s  far  more  likely  that  the  cap  is  in  place  to  make  sure  that  Comcast’s 
network  cannot  be  relied  upon  by  competitors  for  high-quality  video 
delivery  Comcast’s  cap  of  250GB  per  month,  which  the  company  could 
change  any  time,  works  out  to  a  few  hours  per  day  of  HD  video,  not 
very  much.  A  couple  of  people  in  a  household  could  easily  exceed 
that  on  a  regular  basis,  at  least  until  Comcast  pulled  the  plug. 

It  sure  looks  to  me  like  Comcast  is  engaging  in  anticompetitive 
behavior.  Considering  the  FCC  bias  against  cable  companies,  I’m  more 
than  a  bit  surprised  that  the  agency  has  not  started  to  nose  around. 
Maybe  the  rumors  about  AT&T  and  other  telephone  companies  con¬ 
sidering  usage-based  fees  is  keeping  the  FCC  at  bay 

Disclaimer:  Harvard  employs  usage-based  fees  for  things  such  as  food 
but,  as  far  as  I  know,  most  of  the  rest  of  the  student  fees  are  flat  rate.The 
above  represents  my  own  views,  not  those  of  the  university. 

Bradner  is  Harvard  University's  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 


The  innovation  gap  is  real,  all  right 


Recently  Judy  Estrin,  former  Cisco  CTO 
and  current  Silicon  Valley  luminary  pub¬ 
lished  a  book  called  Closing  the 
Innovation  Gap.  I  haven’t  read  it  (yet),  but  she 
reportedly  argues  that  the  United  States  has  a 
“national  innovation  deficit” — specifically  a 
shortage  of  overall  investment  in  science  and 
engineering.  According  to  a  recent  article, 
Google’s  Vint  Cerf,one  of  the  primary  inventors 
of  the  Internet,  agrees. 

They’re  right.  In  2005,  the  National  Academies 
noted  that  federal  financing  of  research  in  the 
physical  sciences  was  45%  less  in  2004  than  in 
1976.  More  recently,  according  to  a  report  released  in  June  from  the 
American  Society  for  Engineering  Education,  engineering  bachelor’s 
and  master’s  degrees  are  on  the  decline  —  particularly  among  electri¬ 
cal  engineering  and  computer  science. 

Some  argue  that  this  isn’t  a  problem, given  the  robust  structure  of  ven¬ 
ture  capitalism  in  Silicon  Valley  and  elsewhere. 

They’re  wrong.  It’s  not  commonly  acknowledged,  but  federal  invest¬ 
ment  has  been  key  to  the  dramatic  growth  in  technology  innovation 
in  the  ’70s,  ’80s  and  ’90s.  The’  Internet  itself  grew  out  of  federally 
financed  projects:  Both  the  Defense  Advanced  Research  Projects 
Agency,  or  DARPA,  and  the  National  Science  Foundation  funded  the 
research  and  engineering  that  went  into  its  design  (as  late  as  the  early 
1990s,  the  NSF  was  funding  the  Internet  backbone  to  the  tune  of  $10 
million  per  year). 

Moreover,  the  much-vaunted  Silicon  Valley  machine  is,  in  the  sim¬ 
plest  terms,  a  mechanism  for  transforming  public  investment  dollars 
into  personal  profits.  Here’s  how:  In  the  ’60s,  ’70s  and  even  into  the 


’80s  the  feds  funded  universities  and  other  not-for-profit  groups  to  do 
long-term  “pure”  research.  If  and  when  researchers  uncovered  poten¬ 
tially  profitable  ideas,  they  were  wooed  into  start-ups  or  established 
businesses,  where  they  converted  their  ideas  into  products  or  com¬ 
panies. 

This  model  worked  well,  but  declining  funding  in  academia,  cou¬ 
pled  with  increased  opportunities  for  fame  and  fortune  in  industry, 
led  to  a  mass  exodus  of  scientists  and  engineers  from  academia  in 
the  1980s  and  1990s  (including  yours  truly).  Now,  not  only  is  there 
limited  funding  available  —  there  are  increasingly  fewer 
researchers  to  use  it. 

At  the  same  time, Wall  Street  began  to  punish  public  companies  (such 
as  Microsoft,  IBM  and  AT&T)  for  continuing  to  invest  in  primary 
research,  on  the  theory  that  such  investments  weren’t  in  the  best  inter¬ 
ests  of  shareholders.  (Fair  enough  —  companies  exist  to  generate  prof¬ 
its,  not  pure  research.) 

The  upshot?  The  well  is  beginning  to  run  dry  We’re  lacking  both  talent 
and  investment  dollars  in  the  early  stages  of  innovation  —  the  place 
ideas  are  generated  before  they  become  investment-worthy 

The  good  news:  We  know  how  to  fix  this.  Federal  investment  in  pri¬ 
mary  scientific  and  engineering  research  works.  And  encouraging 
youngsters  to  get  engineering  degrees  is  a  win-win:  not  only  does  it 
improve  their  chances  for  obtaining  interesting  and  lucrative  work, 
it  helps  the  United  Strates  maintain  a  competitive  edge. 

If  you  agree,  let  your  representatives  in  Washington  know  how  you 
feel.  And  tell  your  kids  to  study  engineering. 

Johnson  is  president  and  senior  founding  partner  at  Nemertes 
Research,  an  independent  technology  research  firm.  She  can  be  reached 
at  johna@nemertes.com. 
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U.S.  Census  handhelds  fall  short 


BY  MICHAEL  COONEY 

Technical  flaws  in  its  massive  wireless  hand¬ 
held  deployment  are  jeopardizing  the  U.S. 
Census  Bureau’s  readiness  for  the  fast- 
approaching  decennial  census  in  2010. 

A  report  last  week  from  federal  watchdogs  at 
the  Government  Accountability  Office  (GAO) 
said  that  despite  myriad  problems  with  its 
handheld  computer  systems  the  U.S.  Census 
Bureau  is  pushing  ahead  with  the  program  — 
albeit  with  changes. 

Certainly  using  wireless  handhelds  makes 
sense  as  census-takers  gear  up  for  the  2010 
census.  The  idea  is  to  save  time  and  improve 
the  accuracy;  and  Harris  Corp.  was  given  a  five- 
year,  $600  million  contract  for  500,000  hand¬ 
helds  in  2006  to  make  that  happen. 

But  during  a  census  dress  rehearsal  last  fall, 
the  GAO  said  the  system  in  many  cases  fell  on 
its  face  and  problems  continue  to  arise.  For 
example,  during  the  test,  field  staff  (known  as 
listers)  experienced  most  frequently  reported 
issues  with  transmission,  the  device  freezing, 
collecting  mapping  coordinates  and  problems 
working  with  large  blocks  of  data.  When  prob¬ 
lems  were  identified,  the  contractor  down¬ 
loaded  corrected  software  to  the  handhelds. 
Nonetheless,  help  desk  resources  were  inade¬ 
quate,  the  GAO  said. 

The  Census  Bureau  also  reported  that  5,429 
records  were  lost  and  not  recorded  in  the  map¬ 
ping  and  address  database  because  multiple 
handhelds  had  the  same  identification  num¬ 
ber.  As  a  result,  when  a  handheld  transmitted 
information,  it  overwrote  data  previously 
recorded  for  handhelds  with  the  same  identifi¬ 
cation  number.  According  to  the  GAO,  bureau 
officials  said  this  problem  was  corrected  during 
the  address  canvassing  dress  rehearsal. 


Hurricane 

continued  from  page  21 

had  occurred  in  “hard-hit  areas”  of  Louisiana. 
Like  Verizon,  AT&T  spent  the  week  prior  to  the 
hurricane  topping  off  fuel  at  generators,  testing 
backup  batteries,  and  putting  emergency 
response  equipment  in  place. 

Even  though  Gustavs  impact  on  telecom 
infrastructure  proved  to  be  less  than  what 
many  had  feared,  carriers  had  already  started 
preparing  for  Hurricane  Hanna,  which  was 
projected  to  hit  the  East  Coast  over  the  week¬ 
end.  Richard  Blanc,  Sprint  Nextel’s  regional 
vice  president  for  network  engineering,  says 
his  company’s  Emergency  Response  Team  had 
sent  emergency  equipment,  portable  genera¬ 
tors  and  ample  fuel  supplies  to  the  areas 
expected  to  be  affected  by  the  storm.  Blanc 
says  that  Sprint  has  invested  more  than  $200 
million  for  network  enhancements  in  the  Gulf 
Coasts  and  the  Carolinas,  and  last  year  the 


Census  field  staff  using  wireless  hand¬ 
helds  reported  numerous  technical 
glitches  during  a  test  run  last  fall. 


Meanwhile,  data  show  census  staff  productiv¬ 
ity  exceeded  expectations  in  rural  areas  but 
did  not  meet  bureau  expectations  in 
urban/suburban  areas,  which  represent  a 
greater  share  of  housing  units  across  the 
nation,  the  GAO  said. 

The  GAO  added  that  it  previously  testified 
that  the  bureau  had  not  sufficiently  measured 
the  performance  of  the  handhelds  during  the 
dress  rehearsal,  nor  fully  specified  how  it  will 
measure  performance  during  the  2010  census. 

The  bureau  received  data  from  the  contrac¬ 
tor  on  average  transmission  times,  but  it  hasn’t 
used  the  data  to  analyze  the  full  range  of  trans¬ 
mission  times  nor  how  transmissions  may  have 
changed  throughout  the  entire  operation. 
Without  this  information,  the  magnitude  of  the 
handheld  computers’  performance  issues 
throughout  the  dress  rehearsal  was  not  clear, 
the  GAO  said. 

In  addition,  the  Census  Bureau  has  not 
developed  an  acceptable  level  of  performance 
for  measures  on  total  number  of  failed  trans¬ 
missions  or  average  connection  speed.  The 
contract  supporting  the  bureau’s  field  data  col- 


company  invested  roughly  $59  million  in  hur¬ 
ricane  preparedness  for  the  southeastern 
region  of  the  United  States. 

“Following  Hurricane  Katrina,  we  concentrat¬ 
ed  extensively  on  hardening  our  network,” 
Blanc  says.  “Not  only  did  we  conduct  compa¬ 
nywide  emergency  drills  for  future  hurricanes, 
but  we  also  added  mobile  cell  sites  that  can  be 
deployed  in  impacted  areas  to  restore  service 
quickly’ 

Verizon  Wireless,  meanwhile,  is  enhancing  its 
network  along  the  coast  from  North  Carolina 
to  Georgia,  as  well  as  along  all  evacuation 
routes  for  more  than  100  miles  inland.  The 
company  also  is  dispatching  a  team  of  engi¬ 
neers  to  test  out  the  network  and  ensure  that 
it’s  in  shipshape  for  the  coming  storm. 

“We  have  learned  that  you  can  never  be  too 
prepared  for  a  crisis,”  Pica  says.  “The  consider¬ 
able  time  and  money  we  invest  in  our  network 
infrastructure  to  prepare  for  emergency  situa¬ 
tions  is  a  sound  investment.”  ■ 


lection  calls  for  the  contractor  to  provide  near 
real-time  reporting  and  monitoring  of  perfor¬ 
mance  metrics,  and  a  control  panel/dashboard 
application  to  report  metrics  from  any  Internet- 
attached  personal  computer.  Such  real-time 
reporting  may  be  helpful  to  the  contractor  and 
the  bureau  to  monitor  ongoing  address  can¬ 
vassing  operations  in  2009,  but  was  not  used 
during  the  dress  rehearsal,  the  GAO  said. 

The  bureau  has  developed  a  preliminary  list 
of  dashboard  metrics,  which  include  such 
daily  measures  as  average  transmission  dura¬ 
tion,  and  expects  to  use  the  dashboard  for 
address  canvassing  in  a  full  dress  rehearsal 
expected  to  take  place  in  late  January  2009. 

One  factor  that  may  have  contributed  to 
these  performance  problems  was  a  com¬ 
pressed  schedule  that  did  not  allow  for  thor¬ 
ough  testing  before  the  dress  rehearsal.  Given 
the  tighter  time  frames  going  forward,  testing 
and  quickly  remedying  issues  identified 
becomes  even  more  important,  the  GAO  said. 

For  its  part,  the  Census  Bureau  is  trying  to  fix 
problems  and  acknowledged  most  of  the 
GAO’s  findings.  But  these  problems  have  been 
simmering.  In  April,  the  bureau  made  signifi¬ 
cant  changes  to  its  plans  in  an  effort  to  address 
system  problems. 

At  the  time  Carlos  Gutierrez,  secretary  of  the 
US  Department  of  Commerce,  which  oversees 
the  U.S.  Census,  said  that  one  of  the  main  rea¬ 
sons  for  the  problems  was  “significant  miscom- 
munication  concerning  technical  require¬ 
ments  between  the  Census  Bureau  and  Harris.” 

He  said  the  lack  of  clarity  in  defining  techni¬ 
cal  requirements  was  a  serious  problem,  espe¬ 
cially  with  regard  to  the  testing  and  functional¬ 
ity  of  the  handheld  devices  in  a  full  census 
environment.  For  example,  discrepancies  arose 
over  data  upload  times,  screen  change  speed 
and  data  storage  capabilities,  he  added. 

Responding  to  this  current  GAO  report, 
Gutierrez  says  the  agency  is  working  to  address 
concerns,  specifically  around  network  and 
handheld  performance  metrics.  ■ 


Wireless  event 

What's  the  secret  to  making  enterprise 
mobility  a  competitive  advantage  on  a 
commodity  world?  Strategic  manage¬ 
ment.  Developing  the  skills  and  insights 
to  synchronize  and  orchestrate  the 
entire  spectrum  of  wireless  tools  to 
deliver  measurable  differences  in 
responsiveness,  customer  service,  pro¬ 
ductivity  and  bottom  line  returns.  Hear 
more  —  attend  IT  Roadmap:  Dallas  on 
Sept.  23  for  free.  Qualify  at: 

www.nwdocfinder.com/5733 
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Coming  Tuesday,  September  23rd 

NETWORK  WORLD  READERS  QUALIFY  TO  ATTEND  FREE 
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IT  Roadmap:  Dallas  is  the  only  event  offering 
team  coverage  in  10  key  areas  of  IT.  Complete 
with  case  histories  from  frontline  users.  Answers 
from  IT  insiders.  Data  from  industry  researchers. 
Insights  from  IT  specialists.  And  embedded  within 
...a  tightly-focused,  solution-oriented  expo  of  top 
vendors  where  the  takeaways  even  include  the 
chance  to  win  a  42"  Panasonic  HDTV! 

Check  the  agenda.  And  become  a  part  of  it. 
Reserve  your  seat  now.  And  get  ready  for  an  IT 
Roadmap  that  starts  in  Dallas  and  takes  you 
everywhere  you  need  to  drive  your  enterprise. 

For  complete  information  and 
to  register,  go  to 

www.networkworld.com/RM8DA4  or 
call  800-643-4668. 

AFTER-EVENT  ADDED-VALUE  BONUS: 

Access  to  the  ITR  Exchange,  the  private,  password- 
protected  IT  Roadmap  online  community  where  you 
can  track  the  results  of  post  conference  surveys.  Read 
and  download  presentations  from  each  of  the  ten  tracks. 
And  continue  to  network  with  colleagues. 


[  SPEAKERS  AND  AGENDA  SUBJECT  TO  CHANGE  ] 

IT  Roadmap;  Agenda  for  the  Day 

Not  just  compelling  new  technologies  and  state-of-the-art  best  practices,  but  how  the  pieces  fit  together  to 
create  an  architecture  that  can  drive  business. 


7:30 

Registration  and  Complimentary  Breakfast 

8:15 

Welcome  Address  and  Agenda  for  Action  Paul  Desmond,  Events  Editor,  Network  World,  Inc. 

8:30 

Keynote  Presentation:  Laurie  Bride,  Enterprise  Architect  with  Boeing,  will  be  discussing  “How  to 
Architect  for  the  Long  Haul” 

9:30 

Technology  Keynote  Presentation:  Strategic  Role  of  the  Network  and  Beyond  Michael  E.  Marcellin, 
Vice  President  of  Global  Product  Marketing  -  Verizon  Business  &  Marie  Hattar,  Vice  President, 

Network  Systems  and  Security  Solutions  Marketing  /  CM0  -  Cisco  Systems,  Inc. 

10:00 

Refreshments  Break 

MORNING  TRACKS  (Choose  One) 

10:15  Each  information-packed  track  presents  a  real-world  user  case  study,  vendor-specific  solutions, 
and  best  practices  you  can  take  back  to  your  enterprise 

Security  and  SaaS  and  Cloud  Network  &  Application 

Compliance  Computing  Acceleration 

Andreas  Antonopoulos,  Jeff  Kaplan,  Jim  Metzler, 

Nemertes  Research  THINKstrategies  Ashton  Metzler  & 

Associates 

Enterprise  Mobility 
Craig  Mathias 

The  Farpoint  Group 

Data  Center 
Infrastructure  & 
Management 

Johna  Till  Johnson, 
Nemertes  Research 

12:30 

Complimentary  Lunch  and  IT  Expo  is  Open 

AFTERNOON  TRACKS  (Choose  One) 

2:30 

Virtualization  VoIP, Videos  Unified  Network  Management, 

Andreas  Antonopoulos,  Communications  Automation  S  Control 

Nemertes  Research  Irwin  Lazar,  Jim  Metzler, 

Nemertes  Research  Ashton  Metzler  & 

Associates 

NAC:  Network 

Access  Control 

Joel  Snyder, 

Opus  One 

Next-Generation 
WAN  Services 

Johna  Till  Johnson, 
Nemertes  Research 

4:45 

Reception  and  IT  Expo  Take  this  opportunity  to  visit  the  expo  hall  and  learn  about  the  best  in  IT 
products  and  services.  Refreshments  will  be  served. 

6.00  Passport  Drawing  Fantastic  giveaways  and  other  great  prizes!  You  must  be  present  to  win. 


Principal  Sponsors 


Veri70nbusiness 

.  1 1 1 . 1 1 1 . 

CISCO. 


Avocent-  BlueQCoat  Q  cisco*  CITRIX  DOKldo  FiT'N  EMC2 

V,  IJV.W  ioriw*»i  fWvrgiWHMrtAvrde  where  Information  live 

lnfoblOX%.  S!  Juniper*  ^  nETScaur  ^POLYCOM'  QQLiaLYS’  QvestA^- 

'verizopbusiness  ©Webroot 


FOUNDRY 

NETWORKS 


*  VIRTUAL  LABS 

SURGIENT* 


Gold  Sponsors 


r]Pl. 


;7 


3C0ITI  AlO.Networks  Aerohive-  Airwave'  Alcatel-Lucent^^  ATEN  StB  ©  BLUECAT NETWORKS  brocade  ddiadOflldin 


IT- 


MIMOSA 

ITiTtMi 


Q 


( FuRfinET  GHIaspy  ^1  ^  Global  Crossing- 

^llogic.  H  NetApp  Ne  cordia  f'?! 


KuGHES  ipanema  Lancope.  MaziT 


MOTOROLA 


Global  Knowled  ^ . 

6j9opf/cs®  IMetreo  nItwof 


NETWORKS 


NETWORK  HARDWARE  RESALE 


II1 


mmsoft 


Packet  Design 


JVIK  -  , .  T1MF  WARNER  CABLE  -r-  r x  , 

SilverPeak  softlayer  SOPHOS  Sympllfied  Business  Class  TippingPoint 


#  uplogix  *»  vmsac>  virteia*^  ?  wave  WildpAckets  xiiutvs  z  e  u 


Success  Starts  with  a 


Featured  Reviews 


WWWWtW  by  Jill  on  07/28/2008 

My  stay  at  the  Lime  Tree  Hotel  was  wonderful.  I  relaxed  at  ib 
spa  and  enjoyed  the  delicious  food.  1  can't  wait  to  come  back! 


WWWW*  by  Barbara  on  07/23/2008 

Great  location,  nice  hotel  with  pleasant  staff  makes  the  Lime 
Tree  Hotel  a  perfect  vacation  destination.  The  rooms  were 
luxurious  and  the  room  service  catered  to  your  every  need 
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WWWWW  by  Tony 

Good  hotel  for  families  and  couples 
is  excellent  for  relaxing  and  the  - 
have  too  far  to  go  for  a  drink  ;} 


The  internet  provides  small  to  medium-sized 
businesses  great  opportunities  to  grow  by  opening 
their  offers  to  millions  of  web  users.  It's  especially 
important  to  build  trust  and  a  good  company  image 
in  order  to  succeed  on  the  web. 

Is  there  a  way  to  quickly  build  a  positive  online  reputation? 

Simply  give  your  satisfied  customers  the  ability  to  publish  feed¬ 
back  on  your  website!  RatePoint  is  a  leading  provider  of  online 
reputation  systems  and  will  ensure  customers  that  your  reviews 
are  credible  and  trustworthy. 

The  RatePoint  Site  Seal  gives  instant  visual 
feedback  to  visitors,  allowing  them  to  see  that 
your  business  is  credible,  safe  and  trustworthy. 
With  one  click,  visitors  can  easily  read  reviews 
and  write  comments. 

In  the  event  that  you  do  receive  negative  feedback,  RatePoint 
automatically  uses  the  Dispute  Resolution  Tool  to  verify  the  review. 
It  offers  you  the  opportunity  to  resolve  the  issue  before  the  review 
is  viewable  on  your  site  and  gives  you  the  chance  to  improve  your 
customer  service  and  retain  more  customers. 

1&1  is  including  RatePoint  for  free  with  all  business 
hosting  packages!  So,  what  are  you  waiting  for? 


The  hotel  restaurant  i:>>, 
stocked  with  fresh  b. 
Lime  Tree  to  anyon-. 
enjoyed  our  stay 
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Reputation  is  Everything  | 


World's  #1  Web  Host 


With  a  wide  variety  of  products  and  hosting  packages,  superior  data  center  technology,  excellent  reliability,  special 
offers,  great  prices  and  a  90-Day  Money  Back  Guarantee,  it's  no  wonder  customers  trust  1&1  as  their  web  host  company! 


1&1  Business  Website! 


Let  customer 
feedback  work  for 
your  business! 

M  RalePoint 

Reputation  is  Everything 


FREE  for  the  life 
of  your  package!* 

Save  $215.40 
every  year. 


1&1 

Go  Daddy 

Hostway 

BUSINESS 

PREMIUM 

STANDARD 

Included  Domains 

3  Domains  FREE 

$  1.99/year 

$  7.95/year 

(.com,  .net,  .org,  .info  or  .biz) 

Web  Space 

250  GB 

300  GB 

150  GB 

Monthly  Transfer  Volume 

2,500  GB 

3,000  GB 

Unlimited 

Mailbox  Size 

2,000  MB 

1,000  MB 

75  MB 

RatePoint  Tools 

/ 

— 

1 

Website  Builder 

18  Pages 

Additional  $8.99/month 

/ 

Marketing  Center 

/ 

/ 

— 

Spreadshirt  Merchandising 

/ 

— 

— 

NEW  eZShop 

/ 

— 

_ 

Graphic  Archive 

/ 

/ 

/ 

E-mail  Marketing  Tool 

/ 

— 

$  7.99/month 

Premium  Software  Suite 

/ 

— 

— 

Search  Engine  Submission 

/ 

Extra  Charge  Applies 

— 

90-Day  Money  Back 
Guarantee 

/ 

— 

— 

ft  Support 

24/7  Toll-free  Phone, 

24/7  Phone, 

24/7  Toll-free  Phone, 

E-mail 

E-mail 

E-mail 

If  Price  Per  Month 

$£99 

5^99 

$21 95 

LIMITED  TIME  OFFER: 


.biz  Domains 
1  Year 
for  FREE** 


©  2008  1&1  Internet,  Inc.  All  rights  reserved. 

Visit  1and1.com  for  details.  Prices  based  on  comparable  Linux  web  hosting  package  prices,  effective  7/31/2008. 

*  Offer  valid  only  for  1&1  Business  and  Developer  web  hosting  packages,  Professional  and  Advanced  eShops, 
and  all  Managed  Servers.  For  full  promotional  offer  details,  visit  www.1and1.com. 

*  Offer  valid  for  .biz  only.  After  first  year,  standard  pricing  applies. 


united 
internet! 


Call  1.877.go1and1 

Visit  us  now  1and1.com 
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SPECIAL  FOCUS 


Network  management  buildup 

Cisco's  management-specific  acquisitions  stretch  back  12  years  across  various 
targets,  markets  and  tasks. 


Year 

Acquisition 

Description 

1996 

NetSys 

Network  infrastructure  management  and  performance 
analysis  software. 

1998 

American  Internet 

IP  address  management. 

CLASS  Data  Systems 

Policy-based  network  resource  allocation. 

2000 

Atlantech 

Network  element  management  software  for 
configuring  and  monitoring  network  hardware. 

2003 

Parc  Technologies 

Traffic  engineering  and  routing  optimization. 

2004 

Protego 

Security  management. 

Jahi 

Appliances  for  simplifying  interfaces  for  device 
management,  deployment  and  configuration. 

NetSolve 

Remote  network  and  IT  infrastructure  management 
services. 

2005 

Sheer  Networks 

Intelligent  network  and  service  management  for  large 
enterprises. 

2007 

Airespace 

Wireless  LAN  products  that  includeWLAN 
management,  location  and  security  software. 

Securent 

Distributed  policy  management. 

2008 

Pure  Networks 

Home  networking  management. 

Cisco 

continued  from  page  1 

increasingly  unwoven.  “It’s  actually  a  good 
thing  when  network  management  is  strug¬ 
gling,  because  it  says  that  innovation  is  really 
happening  at  a  fast  rate,”  says  Karen  Sage, 
Cisco’s  director  of  product  management  for 
network  management.“So,it’s  really  a  Catch-22. 
I  don’t  know  if  you’re  ever  going  to  have  a  sin¬ 
gle,  shrink-wrapped  ‘Here’s  your  network  man¬ 
agement’  that  can  do  every  area  and  every¬ 
thing  and  all  functions.  As  Cisco  moves  into 
higher  layers  of  the  protocol  stack,  that  makes 
it  even  more  challenging.” 

Unlike  its  intention  to  be  No.  1  or  No.  2  in 
each  market  where  it  participates,  Cisco  does 
not  have  the  same  ambitions  for  network  man¬ 
agement.  It  does  not  plan  to  develop  a  product 
to  be  a  manager  of  managers  or  an  all-encom¬ 
passing  enterprise-management  system  a  la 
HP  OpenView,  IBM  Tivoli  or  CA;  rather,  Cisco’s 
myriad  management  tools  are  intended  to  be 
an  enabler  of  those  systems  by  sharing  useful 
event,  alarm  and  diagnostic  data  about  the 
network  infrastructure  and  applications. 

“We’re  not  there  to  establish  a  network  man¬ 
agement  business  by  itself,  a  soup-to-nuts  net¬ 
work-management  system,”  Sage  says.  “Our 
play  here  really  is  an  enabler.  We  also  very 
much  want  to  enable  this  ecosystem  of  part¬ 
ners.  Because  we’re  not  in  competition  with 
them. That’s  a  very  different  strategy  from  say¬ 
ing  you’re  going  to  own  this  market. 

“We’re  going  to  provide  leadership  capabil¬ 
ity  but  we’re  not  going  to  be  leaders,  as  in,  this 
is  a  prime  market  for  us,”  Sage  continues. “We 
are  trying  to  drive  market  penetration  and 
enhanced  business  because  of  this.  But  are  we 
separating  it  out  to  look  at  it  as  a  market  indi¬ 
vidually?  No.” 

Sage  says  these  are  the  top  needs  of  Cisco 
customers  in  the  network  management  realm: 

•  Service  automation  for  deployment  and 
tracking. 

•  Instrumentation  for  detailed  and  specific 
metrics  for  specific  domains, so  that  customer 
experience  can  be  measured.  An  example 
would  be  VoIP  mean  opinion  scores. 

•  Openness  that  enables  Cisco  manage¬ 
ment  applications  to  interact  with  cus¬ 
tomers’ homegrown  tools,  and  lets  customers 
monitor  the  Cisco  component  of,  and  role  in, 
a  larger  network. 

Users,  analysts,  consultants  and  third-party 
vendors  have  expanded  on  this  wish  list. 
Michael  Morris,  a  communications  team  lead 
and  network  architect  at  a  $3  billion  high-tech 
company,  says  that  as  a  Cisco  customer,  he 
would  like  to  see  a  better  user  interface  for 
Cisco  IOS  software. 

“Cisco  user  interfaces  seem  like  they  are  out¬ 
sourced  to  high-school  kids  learning  how  to 
code  Java  to  use  100%  CPU  at  all  times,”  Morris 
says,  suggesting  that  Cisco  hire  someone  from 
Apple  to  improve  its  GUIs. 

A  management  platform  that  integrates  all  of 
the  “cool”  network  management  features  of 


IOS,  such  as  NetFlow,  IP  service-level  agree¬ 
ments,  SNMF?  Generic  Online  Diagnostics 
(GOLD)  and  Call  Home,  would  be  an  improve¬ 
ment,  Morris  says.  GOLD  defines  a  common 
framework  for  diagnostics  operations  across 
Cisco  platforms  running  IOS;  Call  Home  pro¬ 
vides  e-mail-based  and  Web-based  notification 
of  critical  system  events.  Some  of  this  integra¬ 
tion  is  provided  by  third  parties. 

Cisco  also  can  do  a  better  job  providing  IOS 
version  tracking,  says  Yankee  Group  analyst 
Zeus  Kerravala. 

Customers  might  still  be  running  versions  of 
IOS  that  are  one  or  two  major  releases  behind 
the  most  current  release,  and  they  might 
require  ad  hoc  patches  and  updates.  It  may 
never  be  possible  for  Cisco  to  release  a  net¬ 
work  management  program  that  accommo¬ 
dates  every  release  or  version  of  IOS  in  use.“lt’s 
not  uncommon  for  customers  to  have  hun¬ 
dreds  of  versions  of  IOS  running,”  Kerravala 
says.  “So,  it’s  really  difficult  to  know  at  any 
moment  in  time  which  devices  have  which 
operating  system  on  it,  which  revision  level 
they’re  at.  I  think  the  biggest  thing  they  need  to 
address  is  IOS  management.” 

The  tracking  issue  is  being  addressed, Cisco’s 
Sage  says.  “That’s  actually  where  we  benefit  a 
lot  from  the  CiscoWorks  infrastructure  tools,” 
she  says.  “Every  operating  system  and  every 
version  is  modeled  in  there  and  tracked.  So,  we 
even  have  things  that  can  alert  customers  to 
when  certain  IOS  releases  are  out  of  date,  or 
when  there’s  [a  security  alert]  issued.  Our 
management  tools  can  identify  if  there’s  any 


impact  in  the  network.  It’s  very  sophisticated 
tracking,  process  and  documentation.” 

CiscoWorks  could  use  some  improving,  how¬ 
ever,  especially  in  the  user  interface,  according 
to  Larry  Chaffin,  chairman,  CEO  and  founder 
of  Pluto  Networks,  a  consulting  company  spe¬ 
cializing  in  VoIP  wireless  LAN  and  security 
associated  with  Cisco  networks. 

“The  biggest  knock  I  hear  from  people  is 
that  they  just  don’t  like  CiscoWorks,”  Chaffin 
says.  “Sometimes  it’s  hard  and  cumbersome. 
And  the  Cisco  [network-access  control] 
interface  is  very  hard.  They  need  to  make 
things  much  easier  for  customers  with  the 
management  interfaces.” 

Customers  also  demand  a  fully  integrated, 
enterprisewide  management  system  from 
Cisco,  Chaffin  says.  Anything  less  requires 
increased  time,  work  and  expense.  “They 
want  one  tool  that  does  everything,”  he  says. 
“They  don’t  want  to  have  to  have  seven  tools 
and  have  all  these  people  managing  different 
tools,  because  then  you  get  into  training, 
upgrades,  who’s  doing  what,  are  they  all  going 
to  come  back  in  and  be  able  to  do  the  same 
thing.  [It  would  be  helpful]  if  they  already 
have  something  that’s  enterprisewide,  that’s 
comparable  to  other  [vendors’  management 
systems] ,  that  they  could  just  add  into  rather 
than  saying,  ‘Guess  what,  you  have  to  have 
another  server,  interface,  someone  else 
trained  on  it.’” 

Cisco’s  Sage  says  such  a  system  is  unrealistic. 
“There’s  this  kind  of  false  notion  that  there’s  a 

See  Cisco,  page  47 
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■^KACE' 

All-in-one  appliance 


There’s  one  simple 
reason  we  take  only 
days  to  implement. 


With  KBOX  by  KACE  you  get  a  complete  systems  management  solution  in  one  appliance.  Just  plug 
it  in  and  it  works.  No  assembly  required.  The  other  guys?  Well,  we  all  know  there’s  a  bit  more  to  the 
process  and  the  cost.  Call  us  today  and  we’ll  prove  to  you  how  easy  it  is  to  use  KBOX. 

Welcome  to  KACE  Time. 


Enterprise  Management  Associates 

2008  Rising  Star 


<$5”  KACE 

^*4*^  Systems  Management.  Done. 


www.kace.com/showme  877.MGMT.D0NE 


KACE  and  KBOX  are  trademarks  of  KACE  Networks  Inc.  All  other  registered  trademarks  are  owned  by  their  respective  companies. 
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IT  Buyers  Guides 

•  Enterprise-grade  IT 
products  and  services 

•  In-depth  searchable 
database 

•  Thousands  of  details, 
hundreds  of  products, 
continually  updated 

•  Fast  side-by-sde 
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•  Clear  Choice  Test 
results 


The  challenge  of  securing  virtual  operations 


I  have  been  very  interested  in  virtualization 
security  since  early  2004  and  it  now  seems 
like  it  has  become  a  mainstream  topic. 
While  most  of  the  focus  however  is  on  secur¬ 
ing  the  technology  of  virtualization  (the  hyper¬ 
visor)  and  providing  virtualized  security  (usu¬ 
ally  as  virtual  appliances),  my  focus  is  more 
on  the  operational  impact  of  virtualized  infra¬ 
structure  and  by  extension  the  impact  on 
security  operations. 

After  all,  security  controls  (technology)  are 
essential  but  without  operational  controls 
(people)  they  are  not  sufficient.  So  what  is  the  operational  impact  of 
virtualization? 

Virtualization  technology  is  being  applied  across  multiple  IT  silos: 
servers,  applications,  storage  and  networks.  In  each  of  these  domains, 
virtualization  hides  the  physical  infrastructure  behind  an  abstraction 
layer  and  provides  encapsulation  of  logical  instances.  When  you’re 
looking  for  the  root  cause  of  a  fault  or  a  security  alert,  you  need  to  lift 
the  veil  and  see  behind  the  virtualization  layer. This  sounds  a  lot  easier 
than  it  is  in  practice. 

On  top  of  the  abstraction  layer,  virtual  infrastructures  are  often  very 
dynamic.  Live  migration  technology  (such  asVMotion  orXenMotion) 
lets  virtual  machines  move  from  host  to  host  in  near-real-time.  On  top 
of  live  migration  there  are  other  layered  features  such  as  dynamic 
resource  pools  and  high  availability  clusters. 

Together,  these  create  an  environment  where 
VMs  may  move  automatically  to  rebalance  a 
load,  reduce  power  consumption  or  react  to  a 
hardware  failure.  Similar  dynamic  moves  may 
be  occurring  in  a  virtual  storage  environment 
and  (storage  re-allocation)  and  in  the  network 
(load  balancing,  virtual  LAN  allocation).  In  a 


large  virtual  server  pool  this  could  create  an  almost  constantly  chang¬ 
ing  environment. 

Furthermore,  security  operations  must  deal  with  an  environment 
where  servers  come  into  existence  and  are  decommissioned  at  an 
accelerated  rate.  Sine  virtualization  lets  admins  virtually  build,  rack, 
run  and  decommission  a  server  in  a  matter  of  minutes,  the  life  cycle 
of  a  server  becomes  shorter.  Servers  evolve  from  being  enduring  and 
tangible  to  fleeting  and  ethereal.  How  do  you  troubleshoot  or  forensi- 
cally  analyze  a  server  that  only  existed  for  a  day?  Where  do  you  find 
its  logs,  its  configuration? 

Security  operations  in  a  virtual  environment  involve: 

•  Piercing  the  veil  (correlating  events  above  the  abstraction  layer 
with  events  below). 

•  Synchronizing  timestamps  globally 

•  Collecting  logs  and  configuration  changes  centrally 

•  Tracking  VM  identities  independently  of  IP  address. 

•  Tracking  VM  life  cycle  and  genealogy. 

•  Maintaining  libraries  of  patched  and  hardened  VM  images. 

We  have  technology  to  deal  with  most  of  these  problems  and 
doubtless  we  will  see  start-ups  emerge  to  address  problems  that 
are  new  and  unique  to  this  environment.  Many  of  the  challenges 
are  only  noticeable  once  virtualization  technology  has  been  adopt¬ 
ed  in  production  and  deployed  broadly  in  a  data  center. They 
should  be  discussed  at  the  early  planning  stages  instead. The  old 
management  mantra  is  “you  can’t  manage  what  you  don’t  mea¬ 
sure”.  The  mantra  for  security  operations  in 
a  virtual  environment  is  “you  can’t  secure  it 
if  you  can’t  even  find  it.” 

Antonopoulos  is  senior  vice  president  and 
founding  partner  at  Nemertes  Research,  a  tech¬ 
nology  research  firm.  He  can  be  reached  at 
andreas@nemertes.  com. 
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processes  pay  off  big 


TECH  UPDATE 

B  An  inside  look  at  technologies  and  standards 

Telecom  expense-mgmt 

BY:  KEVIN  DUNETZ 

Companies  have  been  tightening  their  telecom  belts  for  years,  and  as 
we  revisit  our  budgets  it’s  hard  to  believe  there  could  be  any  savings 
left  to  squeeze  out.  With  a  combination  of  technology  and  strategic 
processes,  however,  you’d  be  surprised  how  much  telecom  waste  you  can 
still  eliminate. 


Telecom  expense  management  (TEM)  soft¬ 
ware  and  managed  services  coupled  with  pro¬ 
curement  and  ordering  adjustments  can  save 
you  millions  of  dollars  on  wireline  and  wire 
less  investments  without  affecting  user  pro¬ 
ductivity  By  consolidating  telecom  manage 
ment,  validating  your  telecom  investment  and 
use,  renegotiating  your  contracts,  and  optimiz¬ 
ing  your  voice  and  data  infrastructure, you  can 
achieve  a  highly  efficient  and  cost-effective 
telecom  structure. 

Here  are  some  tips  for  getting  the  most  from 
your  telecom  budget: 

•  Consolidate.  Before  you  can  start  to  save 
money  you  have  to  know  the  cell  phone,  cir¬ 
cuit  and  service  assets  strewn  about  your  com¬ 
pany  The  first  step  is  to  create  a  single  inven¬ 
tory  of  telecom  assets  by  gathering  data  from 
internal  inventory  spreadsheets,  databases,  car¬ 
rier  customer-service  records  (CSR),  contracts 
and  invoices.  This  central  pool  of  information 
gives  you  instant  visibility  into  and  control  over 
your  wireline  and  wireless  investments. 

Another  big  benefit  of  consolidation  is  the 
savings  you’ll  see  on  invoice  processing. 
Typical  multimillion-dollar  companies  can 
spend  $40  or  more  to  receive,  review  and 
process  a  single  telecom  carrier  invoice.  By 
getting  these  invoices  out  of  the  hands  of 
individual  office  managers  and  into  a  cen¬ 
tralized  database,  you  can  start  to  gain 
economies  of  scale.  For  example,  you  can 
send  a  single  check  to  a  vendor  providing 
multiple  services.  You  also  can  automate 
parts  of  the  invoice-review  process,  such  as 
automatically  approving  invoices  that  fall 
within  acceptable  parameters.  By  cutting  the 
number  of  checks  you  write  from  thousands 
to  hundreds, you’ll  see  tremendous  savings  in 
a  very  short  time. 


Got  great  ideas? 

■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you’ve 
got  one,  and  want  to  contribute  it  to  a 
future  issue,  contact  Editor  in  Chief 

John  Dix  (jdix@nww.com) 


•  Validate.  Once  you’ve  consolidated 
your  telecom  assets,  it  will  be  easier  to  see 
where  your  telecom  dollars  are  being  spent 
and  validate  that  this  is  the  appropriate  use 
of  your  budget.  One  key  to  validation  is  to 
map  the  centralized  asset  inventory  you’ve 
created  to  other  sources  of  data,  such  as 
carrier  invoices,  company  real-estate  direc¬ 
tories,  telecom  contracts,  tariffs,  CSRs  and 
employee  directories.  Another  key  to  valida¬ 
tion  is  to  map  the  use  of  assets  for  such 
things  as  long  distance  and  wireless  against 
key  performance  indicators  (that  is,  what 
people  or  offices  typically  use)  and  corpo¬ 
rate  use  policies. 

By  mapping  your  inventory  you’ll  be  able  to 
uncover  unused  services,  hardware  and  cir¬ 
cuits.  For  instance,  one  company  found  it  was 
still  paying  for  circuits  at  an  office  that  had 
closed  because  the  service  had  never  been 
terminated.  Another  company  determined  it 
had  been  paying  for  phone  lines  from  a  com¬ 
pany  with  a  similar  name,  because  of  a  data- 
entry  error  by  the  service  provider. 

Through  validation  of  use,  another  company 
found  the  highest  portion  of  its  monthly  wire¬ 
less  bill  —  $5,000  —  could  be  tracked  back  to 
employees  calling  overseas  at  a  high  cost  per 
minute.  With  the  insight  TEM  afforded,  the 
company  was  able  to  stop  the  calls  and  return 
this  money  to  the  budget. 

Savings  also  can  be  found  by  validating  fea¬ 
ture  sets.  Make  sure  you’re  not  being  charged 
for  add-ons  that  employees  don’t  need  and 
aren’t  supposed  to  be  using.  For  example,  one 
organization  using  a  TEM  tool  realized  it  was 
paying  $10  a  month  per  employee  for  cell¬ 
phone  texting  even  though  the  acceptable-use 
policy  banned  that  type  of  data  exchange. 

•  Negotiate.  In  a  decentralized  organiza¬ 
tion,  it’s  difficult  to  negotiate  bottom-line 
pricing  with  service  providers  because  you 
lack  volume  and  inventory  insight.  With  the 
business  intelligence  you  gain  from  a  con¬ 
solidated  expense-management  database, 
however,  you  can  see  the  types  of  services 
you’re  using  across  the  organization,  and  use 
that  data  to  negotiate  better  deals. 

One  company  reported  that  because  of  the 
amount  of  business  it  had  with  a  provider  it 
was  able  to  negotiate  a  minimal  service-sus¬ 


pension  fee  on  cell  phone  plans  in  lieu  of  the 
exorbitant  early-termination  fees  it  had  been 
charged.  Another  organization  said  it  used  its 
TEM  tool  to  monitor  data  use  on  handhelds, 
and  realized  it  could  drop  from  an  unlimited 
data-use  plan  to  a  less  expensive  service. 

The  important  thing  to  remember  is  that  it’s 
never  too  late  to  negotiate  a  contract  —  even 
if  the  ink  is  still  drying.  Nothing  is  set  in  stone, 
and  almost  everything  is  negotiable  —  espe¬ 
cially  if  you  have  facts  about  your  inventory 
and  use  at  the  ready 

•  Optimize.  TEM  is  an  ongoing  process,  not 
just  a  once-and-done  proposition.  Even  if  you 
have  streamlined  invoices  to  the  best  possi¬ 
ble  pricing  and  are  paying  only  for  assets  you 
are  using,  you  still  have  an  opportunity  to 
save  money  by  optimizing  your  voice  and 
data  infrastructure. 

These  savings  are  best  illustrated  by  a  com¬ 
pany  that  saved  hundreds  of  thousands  of  dol¬ 
lars  by  using  a  TEM  tool  to  determine  what  its 
cost  per  employee,  per  location  should  be.  It 
mined  the  database  and  found  that  on  the  high 
end,  the  cost  per  employee  at  one  location  was 
more  than  $4,000,  and  on  the  low  end,  the  cost 
per  employee  was  less  than  $100.  For  the  next 
few  months  the  company  used  this  informa¬ 
tion  to  normalize  the  telecom  resources 
required  per  employee  at  many  locations  by 
decreasing  network  capacity  where  possible. 
The  metric  then  was  used  as  a  benchmark  for 
ordering  telecom  services  for  new  locations. 

You  also  can  use  TEM  tools  to  optimize 
your  future  budget.  For  instance,  you  can  run 
in-depth  reports  to  show  whether  converting 
from  frame  relay  to  a  VPN  is  the  best  use  of 
your  budget.  Having  this  information  avail¬ 
able  allows  you  to  make  intelligent  decisions 
more  quickly. 

Finally, TEM  tools  let  you  optimize  your  over¬ 
all  balance  of  service  providers.  You  can  see 
which  are  cost-efficient  and  which  aren’t. 
Because  you  have  a  clear  view  of  your  inven¬ 
tory,  you’ll  be  able  to  transfer  assets  easily 
among  providers  and  verify  that  terminated 
services  indeed  have  been  disconnected. 

With  TEM,  you’ll  be  able  to  move  from  being 
reactive  to  proactive, continuously  save  money 
and  affect  your  bottom  line. 

Dunetz  is  executive  vice  president  of  Global 
Services  of  Rivermine  ( www.rivermine.com ). 
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Introducing  the  Wi-Jack  DuoT  the  world's  smallest, 
thinnest  802.1  la/b/g  wireless  access  point.  Its 
centrally  managed  thin  AP  technology  means  better 
security  and  easier  management.  The  sleek  design 
fits  unobtrusively  into  a  standard  wall  box  and 
supports  an  optional  network  port.  Thin  is  in  for  higher 
performance  in  wireless  network  performance. 


Get  the  story  on  why  the  Wi-Jack  Duo  is  the  perfect 
wireless  solution  by  calling  800-934-5432  or  visiting 

www.ortronics.com/wi-jack 
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Chrome  and  Firefox  and  add-ons,  oh  my 


Mark  Gibbs 


1  his  week  I  want  to  discuss  browser  stuff, an 
impulse  driven  by  Google’s  release  of  the 
Chrome  Web  browser. 

Before  1  discuss  Chrome,  let  me  digress  to  talk 
about  Firefox  3.  FF3  has  been  out  in  full  release 
GEARHEAD  for  a  couple  of  months  and  to  stick  with  any 
other  browser  you  would  have  to  be,  in  my  hum¬ 
ble  opinion,  a  committed  masochist. 

Other  browsers  have  their  strengths,  but  if  you 
want  a  browser  that  is  fast,  mostly  standards-based,  open  source,  cross 
platform,  extensible  and  mostly  well  behaved,  then  Firefox  is  the  best, and 
some  might  argue,  the  only  choice.  But  the  thing  that  really  sets  FF3  apart 
is  all  the  amazing  developer  add-ons  available.  If  you  haven’t  checked 
what’s  available  let  me  introduce  you  to  a  few  of  my  leetle  friends. 

First  up  is  the  DOM  Inspector.  If  you  want  to  explore  and  understand 
how  modem  Web  pages  are  built  you  absolutely  need  this  add-on 
because  it  can  be  used  to  inspect  and  edit  a  live  Document  Object  Model. 
You’ve  most  likely  read  about  the  DOM  before  but  in  case  you  forget  (also 
a  digression  —  that’s  three  stack  pushes  so  far),  it  is  an  object-oriented 
interface  to  the  structure  of  an  HTML  document  or  XUL  application. 

You  know  what  an  HTML  document  is  but  maybe  XUL  is  less  familiar, 
so  one  more  digression  (another  stack  push):  XUL  is  an  XML  user  inter¬ 
face  markup  language  that  came  out  of  the  Mozilla  Project.XUL  is  a  pret¬ 
ty  big  topic  that  I  don’t  have  the  space  to  cover  here,  and  as  it  isn’t  a 
World  Wide  Web  Consortium  (W3C)  standard  and  applies  only  to 
browsers  based  on  the  Gecko  rendering  engine,  we’ll  defer  the  topic  for 
another  column.  (Stack  pop). 

The  DOM  is  important  because  it  allows  scripts  and  other  processing 
systems  to  understand  and  manipulate  the  content  of  downloaded  Web 
pages.  A  trivial  example  of  this  would  be  to  use,  say  JavaScript  to  dynam¬ 


ically  change  the  color  scheme  of  a  page  by  finding  and  modifying  all 
HTML  elements  that  define  the  page  background  and  text  colors. 

Yet  another  digression  (stack  push  number  four):  Check  out 
Greasemonkey,  another  Firefox  add-on  that  allows  the  manipulation  of 
selected  Web  pages  through  the  DOM  using  JavaScript.  With  Grease- 
monkey  you  can  change  heading  styles  of  every  page  your  browser  vis¬ 
its,  or  apply  a  completely  new  design  to  the  content  of  one  specific  site 
as  rendered  by  your  browser.  Greasemonkey  is  an  amazingly  cool  idea 
that  I’ll  cover  in  depth  some  day  (Fbp) 

The  DOM  is  a  W3C  standard,  and  the  lowest  level  of  implementation, 
called  DOM  Level  l,has  been  a  W3C  recommendation  since  1998  and 
is  supported  by  all  modern  browsers.  Unfortunately  the  same  can’t  be 
said  for  the  higher  levels  of  the  DOM. Wikipedia  has  a  complex  and  con¬ 
fusing  comparison  of  the  DOM  implementations  and  W3C  recommen¬ 
dation  compliance  of  the  major  browser  layout  engines. 

This  implementation  variability  means  cross  browser  scripting  that 
requires  DOM  access  has  to  be  carefully  implemented,  and  as  a  conse¬ 
quence,  there  are  lots  of  developers  with  drinking  problems.  (Fbp). 

The  glory  of  the  DOM  Inspector  add-on  is  that  it  makes  it  easy  to  navi¬ 
gate  and  manipulate  the  DOM  hierarchy  of  a  document  loaded  into 
your  browser.  DOM  Inspector  provides  a  two-pane  window,  and  you  can 
choose  different  views  of  the  DOM  contents  in  each  pane.  DOM 
Inspector  keeps  the  views  synchronized  so  that  if,  for  example,  the  left 
pane  is  displaying  the  DOM  nodes  (a  hierarchical  view  of  the  elements 
of  the  DOM),  the  right  pane  can  show  the  value  of  the  selected  node  or 
the  JavaScript  objects  associated  with  that  node.  (Fbp.) 

Let’s  see,  we’re  now  at  two  stack  pushes.  Next  week,  the  program  will 
continue  .... 

Gibbs  gets  geeky  in  Ventura,  Calif  ( gearhead@gibbs.com ). 


Two  “iGadgets”  boost  music  experience 


COOLTOOLS 


The  scoop:  iTrip  Universal, 
by  Griffin  Technology, 
about  $40. 

What  it  is: 

Fbrtable  music 
player  FTVI  transmitters 
have  been  around 

_  for  a  while,  but  the 

latest  version  from 
Griffin  lets  you  connect  any  MP3  player 

(iFbd/iPhone,  Sony,  Sansa,  Samsung,  Creative  and  others)  to  the  device 
and  transmit  the  audio  to  any  nearby  FTVI  radio,  so  you  can  hear  the 
music  through  the  radio’s  speakers.  It’s  mainly  designed  for  listening  to 
your  portable  audio  player  in  the  car,  but  this  works  with  radios  in  the 
home  or  at  the  office  as  well. 

The  iTrip  Universal  includes  a  digital  display  that  lets  you  choose 
transmission  frequency  which  is  helpful  if  you  are  in  an  area  where  lots 
of  low-frequency  radio  stations  are  competing  for  air  space. 

Why  it’s  cool:  The  device  is  very  easy  to  set  up  and  use.  Once  pow¬ 
ered  up  all  you  have  to  do  is  plug  the  jack  into  your  device’s  headphone 
jack,  press  play  on  your  music  device  and  listen  to  the  music  (as  long 
as  the  frequency  on  the  device  and  FM  radio  match). 

Some  caveats:  The  device  is  powered  via  USB,  there’s  no  replaceable 
batteries  like  I’ve  seen  with  other  devices.This  saves  you  money  on  bat¬ 
teries,  but  it’s  odd  having  to  recharge  the  device  by  going  back  to  your 
office  or  home  to  connect  to  your  PC.  Also,  the  range  between  the 
device  and  FM  radio  is  a  bit  deceiving,  I  had  to  position  the  device  prac¬ 
tically  on  top  of  the  radio  in  order  to  avoid  static  during  my  transmis¬ 
sions. 

Grade:  ★★★★  (out  of  five) 


The  iTrip  Universal 


The  scoop:  i2i  Stream,  by 
Aerielle,  about  $100. 

What  it  is:  The  i2i  Stream  is 
a  pair  of  tiny  wireless  stream¬ 
ing  devices  (two  come  in 
one  pack)  that  let  you 
broadcast  content  on  one 
audio  device  to  others. 
Additional  i2i  Stream 
devices  can  be  connected 
so  you  can  stream  one-to-many  as  well. 
The  devices  are  charged  via  USB,  and  include  volume/mute  buttons 
and  can  connect  to  any  audio  player  with  a  headphone  jack.  In  addi¬ 
tion,  music  from  an  audio  player  can  be  wirelessly  streamed  to  portable 
speakers.You  don’t  need  to  attach  headphones  necessarily. 

Why  it’s  cool:  Kids  who  have  to  share  one  iPod  can  now  both  listen 
to  the  same  song  during  a  car  trip,  saving  potential  arguments  about 
who  gets  to  use  the  device.  When  working  out,  you  can  leave  the  iPod 
on  a  table  (within  sight  so  it  doesn’t  get  stolen),  and  stream  the  audio 
to  your  headphones  attached  to  the  i2i  Stream  (it  comes  with  a  wear¬ 
able  lanyard).  The  streaming  capability  is  easy  to  operate  —  the 
“broadcaster”  picks  one  of  seven  “colors”  (aka  frequencies)  to  trans¬ 
mit,  and  anyone  who  wants  to  listen  picks  the  same  color  on  their 
device. 

One  caveat:  The  wireless  range  (it  operates  at  2.4GHz)  is  about  30 
feet,  and  line  of  sight  helps  improve  the  range.  Streaming  between  walls 
may  cause  some  static  issues. 

Grade:  ★★★★★ 

Shaw  can  be  reached  at  kshaw@nww.com. 
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Line  up  network  problems. 


You've  got  an  eyewitness. 

Is  it  a  network,  application,  or  security  problem?  Find  out  instantly  with  the 
Network  Instruments®  GigaStor™  appliance.  No  other  analysis  device  can 
quickly  isolate  the  issue  to  provide  valuable  retrospective  analysis  and  security 
forensics.  Every  transaction  is  recorded,  making  it  easy  to  go  back  in  time  to 
determine  not  only  when  the  anomaly  took  place,  but  why. 

Resolve  intermittent  problems,  track  compliance,  isolate  VoIP  quality 
issues,  identify  zero-day  attacks  and  more  on  WAN,  Gigabit  and  10  GbE 
networks.  Reduce  network  complexity  with  the  GigaStor.  Because  when  it 
comes  to  your  network,  everything  is  a  suspect. 

|®  GigaStor:  Get  proof.  Take  action.  Move  forward. 
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Unified  communications 
creates  potential  vulnerabilities 
that  must  be  addressed 


of  UC  security  tfyeals 


BY  TIM  GREENE 


nified  communications  opens  up  your  VoIP  network  to  new 
avenues  of  collaboration,  including  instant  messaging,  video, 
business  applications  and  e-mail.  And  that  opens  up  your  net¬ 
work  to  new  avenues  of  attack. 

-  While  the  biggest  threats  to  VoIP  networks  remain  attacks  to  the  underlying 

IP  network  infrastructure,  unified  communications  opens  up  new  angles  of  attack  by 
creating  connections  between  VoIP  networks  and  corporate  data  networks. 

Typically,  most  corporate  deployments  try  to  segregate  VoIP  as  much  as  possi¬ 
ble,  creating  islands  that  protect  the  voice  network  by  broadly  restricting  access 
for  devices  unnecessary  to  supporting  calls,  says  Ted  Ritter,  an  analyst  with 
Nemertes  Research. 

Unified  communications  changes  all  that.“With  UC,by  definition  you  are  open¬ 
ing  up  your  infrastructure  and  focusing  on  collaboration,  reaching  out¬ 
side  the  enterprise  to  trading  partners  and  customers,”  Ritter  says. 

Eavesdropping,  altering  conversations, stealing  phone  access  to  com¬ 
mit  toll  fraud  and  flooding  targeted  extensions  with  calls  —  all  of 
which  were  possible  before  —  become  easier,  he  says. 

Don’t  ignore  basic  IP-network  attacks 

In  reality,  however,  few  of  these  theoretical  VoIP-spe¬ 
cific  attacks  have  occurred,  says  David  Endler,  chair¬ 
man  of  the  Voice  Over  IP  Security  Alliance  and 
senior  director  of  security  research  at  TippingFbint. 

Endler  has  co-authored  a  book  about  such  attacks 
called  Hacking  VoIP  Exposed,  but  acknowledges  that 
the  basic  step  of  protecting  the  IP  network  that 
underpins  VoIP  is  still  the  best  protection. 

“People  may  tend  to  look  at  some  of  the  sexier 
types  of  attacks  out  there  to  prevent  them  —  things 
such  as  eavesdropping  or  impersonation  or  caller-ID 
spoofing.The  truth  is  the  most  prevalent  threat  right  now  is 
the  very  basic  network-level  type  of  attacks,”  Endler  says. 

Still,  businesses  deploying  VoIP  should  be  aware  of  security 
cracks  that  unified  communications  can  open,  says  Stuart 
McLeod,  the  course  director  for  IT  training  firm  Global  Knowl¬ 
edge  who  teaches  its  VoIP  security  courses.  “Security  is  always 
about  having  as  many  layers  of  obstacles  as  possible  between 
the  hacker  and  his  goals.  We  lose  a  couple  once  you  move  to  uni¬ 
fied  communications,”  he  says. 
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EAVESDROPPING,  altering  conversations,  stealing 

PHONE  ACCESS  TO  COMMIT  TOLL  FRAUD  AND  FLOODING  TARGETED  EXTENSIONS  WITH  CALLS  - 
ALL  OF  WHICH  WERE  POSSIBLE  BEFORE  -  BECOME  EASIER  TED  RITTER,  ANALYST  WITH  NEMERTES  RESEARCH 


mail  that  gets  emailed,  an  instant-message  sent 
outside  the  company  or  an  archived  videocon¬ 
ference  that’s  sitting  on  a  disk  and  contains 
patient  information. 

Unified  communications  also  creates  legal 
complexities  that  can  affect  policies  about  stor¬ 
ing  call  data,  Ritter  says. Voice  mail  attachments 
to  emails,  for  instance,  are  classified  as  elec¬ 
tronic  data  that  must  be  made  available  during 
the  discovery  phase  of  lawsuits,  he  says.  If  such 
voice  mail  is  stored  on  a  thumb  drive  that  sits  in 
a  desk  drawer  for  three  years,  it’s  discoverable  as 
electronically  stored  data,  he  says.  “The  voice 
mail  is  still  around  even  though  the  voice  mail 
system  itself  purged  it  years  ago,”  he  adds. 

Businesses  that  are  most  successful  with  uni- 
fied-communications  deployments  bring  their 
security  teams  in  early  in  the  planning  process, 
but  that  is  not  the  usual  case,  Ritter  says. 
“Unfortunately  we  still  find  security  is  typically 
one  of  the  last  teams  to  be  involved  in  plan¬ 
ning,”  he  says. 

Ritter  recommends  getting  the  security  and 
compliance  teams  together  early  in  the  plan¬ 
ning  for  unified  communications  and  VoIP  That 
offloads  much  of  the  responsibility  for  security 
from  the  implementers,  who  are  more  likely  to 
be  telephony  experts  or  general  infrastructure 
experts.  Corporate  litigation  teams  also  should 
be  brought  in. 

The  exposure  ofVoIP  will  continue  to  increase 
with  new  technologies,  Ritter  says.  Nemertes 
found  that  46%  of  IT  executives  it  surveyed  who 
are  planning  service-oriented  architectures  say 
they  also  plan  to  integrate  unified  communica¬ 
tions  with  such  SOA  applications  as  CRM  or  ERP 

“That  adds  another  layer  of  complexity 
because  it  extends  UC  and  VoIP  into  the  applica¬ 
tion  domain,”  Ritter  says.  Despite  this  exposure, 
Nemertes  found  that  security  teams  had  the  least 
amount  of  input  into  SOA  deployments. 

Part  of  the  problem  may  be  that  business 
executives  see  security  as  just  saying  no  to 
anything  that  exposes  networks  and  data  to 
more  risk,  even  if  it  means  blocking  useful 
ways  of  doing  business. 

“We  don’t  know  if  they  see  security  as  business 
prevention  and  that’s  why  they  don’t  bring  them 
in,  or  organizationally  they’re  still  in  silos,”  Ritter 
says.“We  don’t  think  the  security  teams  are  being 


For  example,  unified  communications  may 
introduce  the  use  of  softphone  clients  on  PCs, 
which  can  cause  trouble,  says  Jason  Ostrom, 
director  of  Viper  Labs,  the  security  research  arm 
of  Sipera  Systems,  a  vendor  that  specializes  in 
VoIP  security  With  an  eye  toward  testing  business 
VoIP  networks,  he  develops  VoIP-specific  attacks 
in  his  lab,  automates  existing  attacks  and  makes 
them  more  sophisticated. 

Ostrom  says  the  Microsoft  Office  Commun¬ 
ications  Server  client  and  Cisco  Communicator 
softphone  client  for  call-center  applications  can 
be  potential  sites  for  attack,  particularly  from 
insiders.  They  could  break  into  the  data  virtual- 
LAN  via  the  clients,  which  have  listening  voice 
services  to  tap  into  the  VoIP  VLAN,  he  says. 

Also,  unifed  communications  applications  live 
on  the  voice  VLAN  that  are  tied  into  Lightweight 
Directory  Access  Protocol  and  Active  Directory 
servers,  creating  another  exposure  for  the  data 
network  “User  passwords  and  corporate  data  can 
be  stolen  through  the  voice  VLAN, "Ostrom  says. 

Risk  assessment  is  essential  to  making  deci¬ 
sions  about  defending  VoIP  tied  to  unified  com¬ 
munications,  says  Paul  Kocher,  president  and 
chief  scientist  at  Cryptography  Research,  a  data 
security  consultancy  Unifed  communications 
represents  a  series  of  sophisticated  integration 
points  with  applications  that  can  create  other 
risks,  but  not  all  of  them  are  urgent,  he  says. 

For  example,  within  unified-communications 
software,  programs  can  be  configured  to  trigger 
phone  calls,  but  that’s  not  a  major  problem. 
“There  are  potential  eavesdropping  scenarios,  or 
the  application  could  be  corrupted  to  call  the 
wrong  phone  numberf  Kocher  says.  “But  those 
aren’t  the  types  of  things  you  lie  awake  at  night 
and  worry  about.” 

It’s  possible  to  defend  these  networks,  Ritter 
says,  but  their  increased  complexity  means  that 
more  corporate  business  units  need  to  be 
involved  at  a  higher  level  than  was  required  for 
stand-alone  VoIP 

Don't  ignore  the  compliance  factor 

Compliance  is  a  big  issue  in  such  industries  as 
finance,  healthcare  and  the  payment-card 
industry  which  have  regulations  that  can  affect 
VoIP  Unified  communications  must  be  de¬ 
fended  against  data  leaks,  whether  it  is  voice 
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brought  in  early  enough  in  the  planning  to  deal 
with  the  complexities  and  the  vulnerabilities 
that  are  putting  the  organization  at  risk.” 

Rsrhaps  the  biggest  threat  to  VoIP  security  is 
that  many  if  not  most  users  don’t  consider 
security  thoroughly,  the  experts  say 

“Most  VoIP  deployments  I  have  seen  do  not 
have  recommended  best  practices  in  place 
like  strong  encryption,  authentication  and 
access  control  protecting  the  VoIP  network 
from  the  rest  of  the  network,”  Viper  Labs’ 
Ostrom  says. 

Beyond  that,  some  businesses  don’t  recog¬ 
nize  that  they  use  protocols  that  may  be  tam¬ 
pered  with  readilyThe  most  common  mistake 
I  see  is  the  use  of  insecure  protocols  for  things 
like  VLAN  assignment,”  says  Andy  Zmolek, 
senior  manager  for  security  planning  and  strat¬ 
egy  for  Avaya. 

“They  should  use  link-layer  discovery  pro¬ 
tocol  and  802.  IX  authentication  to  make 
sure  VLAN  assignments  and  access  control 
are  secure,”  Zmolek  says.  Without  secure 
authentication,  a  PC  could  masquerade  as  a 
phone,  get  access  to  the  VoIP  VLAN,  then 
wreak  havoc.” 

Another  problem  has  nothing  to  do  with 
technology  but  rather  the  communication 


within  the  teams  that  are  supposed  to  deploy 
it,  Zmolek  says.  For  instance,  many  customers 
send  out  RFPs  that  include  features  that  never 
get  turned  on  after  they  make  the  purchase. 
“They  have  the  ability  of  encrypting  signaling 
and  media,  and  they  rarely  turn  that  on.  You 
could  argue  the  security  organization  should 
handle  that,  but  the  security  teams  are  just 
beginning  to  understand  how  to  make  sure  the 
desired  security  is  enforced,”  he  says. 

Businesses  should  beware  of  automatically 
trusting  their  employees,  Ostrom  says.  He 
says  he  finds  faulty  thinking  among  corpora¬ 
tions  relying  on  VoIP:  Because  VoIP  users  are 
on  the  internal  network  and  those  users  are 
trusted,  there  is  no  VoIP  security  problem. 
That  is  a  dangerous  assumption  because  an 
attacker  with  network  access  can  do  vast 
damage,  he  says. 

A  user  with  network  access  can  piggyback 
on  the  successful  802.  IX  authentication  of  an 
IP  phone  by  inserting  a  rogue  laptop  on  a  hub 
shared  by  the  phone,  Ostrom  says. 

The  phone  authenticates  to  the  switch  port, 
but  there  is  no  per-packet  authentication  after 
that.  If  an  attacker  shares  the  authentication  with 
a  hub  that  the  phone  uses  to  connect  to  the  net¬ 
work,  it  gains  access  to  the  VoIP  network  and 


can  create  man-in-the-middle  attacks  for  eaves¬ 
dropping  or  changing  the  content  of  phone 
calls,  Ostrom  says. “We’ve  developed  a  proof-of- 
concept  tool  to  demonstrate  this  attack,”  he  says. 
“With  it  they  can  target  other  phones  or  VLAN 
hop  to  attack  the  data  network.” 

Most  of  the  concern  businesses  have 
about  VoIP  still  centers  on  protecting  the 
underlying  data  network  from  such  assaults 
as  denial-of-service  attacks,  says  Irwin  Lazar, 
an  analyst  with  Nemertes. 

“Overall  though,  I’d  say  that  security  doesn’t 
rank  all  that  high  among  IT  executive  concerns 
around  VoIP  right  nowf  Lazar  says,  “though  as 
enterprise  VoIP  networks  are  extended  beyond 
the  network  boundary  via  peering  and 
[Session  Initiation  Protocol]  trunking,  con¬ 
cerns  will  increase.” 

It  may  take  serious  consequences,  though,  to 
prompt  better  VoIP  security  practices  like 
encryption,  Global  Knowledge’s  McLeod  says. 
“I  think  the  average  Fortune  500  company  is 
going  to  have  to  have  some  security  event 
occur  to  have  a  wake-up  call  before  they 
spend  the  monejf  he  says.“Then  there  will  be 
more  pressure  placed  on  the  vendor  to  make 
security  like  it  is  in  Wi-Fi  —  automatic,  easy  and 
every  piece  of  gear  includes  it.”B 
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Avaya  offers  wide  array  of  unified 
communications  wares 

Integrating  UC  pieces  is  the  challenge 


BY  ROB  SMITHERS,  FRED  AUN  AND  JUAN  COLMENARES  OF  MIERCOM,  A 

here  is  a  lot  to  like  about  Avaya’s  one-X  Unified 
Communication  platform. 

The  company  offers  a  dizzying  array  of  unified  communica¬ 
tions  products  that  enterprises  can  piece  together  to  craft  cus¬ 
tomized  systems  grounded  in  the  company’s  long,  solid  tele¬ 
phony  history  That  said,  integrating  all  the  pieces  takes  a  lot  of  effort  and 
may  require  a  great  deal  of  assistance  from  Avaya  and  its  resellers. 

This  Clear  Choice  Test  is  the  first  in  a  series  of  reviews  that  examine  the 
facets  comprising  enterprise  unified  communications  platforms. 

Our  hands-on  evaluation  of  a  2,500-user  Avaya  unified  communica¬ 
tions  deployment  included  an  example  of  each  of  Avaya’s  one-X  suite  of 
unified  communications  endpoints,  including  hard  phones,  softphone 
clients,  smart-phone  clients  and  a  Web  portal  interface.  These  clients 
were  connected  to  redundant  Avaya  S8730  IP  PBX/communications 
servers  running  a  hardened  version  of  Red  Hat  Linux  and  Avaya 
Communication  Manager  5.1  software. 

In  the  test  bed’s  main  office  configuration,  we  employed  Avaya’s  SES 
Session  Initiation  Protocol  server  to  perform  standards-based  SIP-call  set¬ 
up  and  routing,  which  worked  in  tandem  with  the  S8730  servers.  The 
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servers  were  also  connected  to  a  G650  Media  Gateway  which  provided 
media  translation  (G248,  H.323  and  SIP),  SIP  trunking  and  other  voice 
gateway  functions.  According  to  Avaya,  this  configuration  is  capable  of 
supporting  as  many  as  36,000  users,  including  16,000  IP  endpoints. 

As  our  branch-office  unified  communications  link,  we  tested  the  Avaya 
G450  Media  Gateway  equipped  with  embedded  S8300  blade  communi¬ 
cation  servers,  also  running  Communication  Manager  5.1. This  configu¬ 
ration  is  capable  of  supporting  as  many  as  450  users. 

Our  hands-on  evaluation  included  more  than  a  dozen  endpoints, 
including  IP  hard  phones,  desktop  videophones,  PC-based  softphones 
and  mobile  phones.  We  assessed  the  user  interfaces,  including  the 
breadth  of  features  and  functions  they  support,  use  of  presence  capabil¬ 
ity,  voice-to-text  support,  and  integration  with  existing  corporate  e-mail 
and  communications,  including  Microsoft  Exchange  and  IBM  Lotus 
Notes  Sametime  servers. 

The  easiest  way  to  understand  Avaya’s  unified  communications  plat¬ 
form  is  to  examine  its  various  parts. 

The  S8730  servers  in  our  test  network  handled  call  routing  and  pro¬ 
vided  the  basic  PBX  telephony  functions.  The  G650  media  gateways  ran 

See  Avaya,  page  40 
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alongside  the  S8730  to  provide  traditional  gateway  features,  including 
connectivity  to  SIP  trunks  and  H.323-to-SIP  conversion.  The  new 
Communication  Manager  5.1  software,  which  provides  core  IP  PBX  func¬ 
tions,  features  a  number  of  improvements  over  Communication  Manager 
4.0,  including  better  server  survivability  enhancements  to  integrate  with  a 
SIP  contact  center  and  support  for  additional  hardware  configurations. 

The  S8730s  we  tested  had  Advanced  Micro  Devices  Opteron  Quad 
Core  processors  with  4GB  of  memory  operated  by  Red  Hat  Enterprise 
Linux  4.0  operating  systems.  Overall  system  availability  was  increased 
with  the  RAID  1  controllers  and  the  optional  second  RAID  hard  disk 
drive.  A  second  power  supply  is  an  optional  feature. 

When  we  physically  disconnected  a  remote  office  from  the  main 
S8730  servers,  connectivity  was  restored  in  about  3.5  minutes  because 
the  remote  S8300  blade  servers  took  over  the  main  servers’  functions  at 
that  point.  During  the  down  period,  all  calls  in  progress  remained  con¬ 
nected  but  no  new  calls  could  be  made.  Such  features  as  presence  or 
directory  services  were  unavailable  until  connectivity  was  restored  or 
the  full  system  failover  took  place. 

The  system  was  configured  (according  to  Avaya’s  best-practices  stan¬ 
dard)  to  wait  3  minutes  before  turning  over  control  to  the  S8300.The  3- 
minute  failover  delay  is  a  good  practice  for  a  geographically  distributed 
failover  mechanism  to  avoid  “flapping”  back  and  forth  or  a  premature 
failover.  This  adjustable  lag  is  designed  to  give  the  WAN  a  chance  to 
recover  on  its  own.  If  the  3-minute  lag  was  eliminated,  the  system  theo¬ 
retically  could  restore  connectivity  in  30  seconds. 

Local  system  resiliency  for  the  Avaya  S8730  provided  instantaneous 
failover  in  other  tests  we  conducted.  We  interrupted  network  connec¬ 
tions  and  power  supplies  to  invoke  the  same  unit  redundancies,  as  well 
as  failover  to  a  standby  S8730. 

We  also  tested  security  of  the  system’s  components, specifically  aiming 
to  make  communications  fail.  We  conducted  a  series  of  vulnerability 
scans, compound  attacks, distributed  denial-of-service  (DoS)  attacks  and 
SIP-torture  assaults. 

A  Mu  Dynamics  Mu-4000  Security  Analyzer  was  our  weapon  of  choice 
inside  the  test  network,  combined  with  our  own  proprietary  VoIP  secu¬ 
rity  test  tool  set.  With  the  MlM000,we  sent  more  than  2.5  million  anom¬ 
alies  and  permutations  of  specific  attack  vulnerabilities  using  a  variety  of 
protocols.The  hardened  Avaya  system  withstood  all  attacks. 

We  made  several  attempts  using  SIP  signaling  exploits  to  spoof  an 
Avaya  IP  phone  (pretending  to  be  one  of  the  authenticated  endpoints 
on  the  network). The  system  would  not  allow  us  to  register. We  were  also 
unsuccessful  in  cracking  the  system  using  “man  in  the  middle”  attacks 
whereby  we  attempted  to  intercept  call  setup  and  call-media  voice  traf¬ 
fic.  Our  attempts  to  overrun  the  S8730  and  SES  SIP  servers  with  call 
requests  were  also  unsuccessful. 

When  we  ran  the  distributed  DoS  attacks  none  of  the  components 
failed  or  required  a  reset.  At  best,  we  could  hinder  calls  from  the  soft 
clients,  the  Avaya  9640  hard  phones  and  other  endpoints,  but  we  could¬ 
n’t  break  the  components  or  cause  the  equipment  to  need  a  reset.  The 
product  satisfied  our  base-level  performance  metrics  for  a  modern  IP 
PBX,  achieving  6,000  busy-hour  calls  with  1,000-user  loads  without  drop¬ 
ping  any  calls.  We  expected  at  least  a  few  dropped  calls  at  this  level  of 
operation,  so  this  call-completion  volume  is  impressive. 

Voice-quality  tests  achieved  4.4  or  higher  in  the  mean  opinion  score 
(MOS)  tests  even  when  transitioning  between  H.323  and  SIP  calls,  an 
excellent  showing  compared  with  other  telephony  systems  we’ve  tested. 
Of  course,  Avaya  did  have  the  advantage  of  using  separate  media  gate¬ 
ways  that  provided  additional  processing  power  for  this  feature. 

Building  on  this  strong  VoIP  base  service,  Avaya  has  branded  many  of 
its  UC  interfaces  as  part  of  its  one-X  family  of  products.  We  tested  one-X 
Communicator,  the  one-X  Deskphone  Edition  960Oseries  phones,  one-X 
Portal,  one-X  Desktop  Edition,  one-X  Mobile  and  one-X  Speech. 


In  general  we  liked  the  one-X  interface  designs.To  varying  degrees, they 
afforded  necessary  access  and  interaction  between  communication 
modes  including  instant  messaging,  voice  mail,  e-mail  and  telephony 
Most  were  integrated  with  a  functional  presence  to  allow  you  to  see 
other  parties’  availability  while  you  advertise  your  own. 

Avaya  one-X  endpoints 

The  one-X  IP  telephones  feature  the  latest  in  VoIP  technology,  such  as 
displaying  presence, integration  with  Microsoft  Outlook, extension  to  cel¬ 
lular  delivery  and  use  of  the  G.722  codec  open  standard  for  wideband 
audio. The  units  we  tested  — Avaya’s  top-of-the-line  9640  and  9650  mod¬ 
els  —  provided  excellent  sound  quality 

All  phones  in  the  9600  family  support  H.323. SIP  support  is  available  on 
the  9620, 9630/30G  and  9640/40G.A  product  called  SIP  R2.0  for  the  9600 
Series  provides  security  enhancements  such  as  Secure  Real-Time 
Transport  protocol  and  Transport  Layer  Security  The  9640  has  a  VGA 
color  display 

The  9640  taps  into  Outlook  calendar  appointments  and  offers 
changeable  display  skins.  We  also  accessed  the  Avaya  instant  mes¬ 
saging  application  using  a  programmable  soft  key.  The  phone’s 
alphanumeric  keypad  was  used  for  typing  messages,  and  the  9640 

See  Avaya,  page  42 


s  NETRESULTS 

Product  one-X  Unified  Communication  Solution 

Vendor  Avaya,  www.avaya.com/uc 

Price  $540,000* 

Pros  One-number  identity  can  follow  users  to  any 

device;  strong  system  resiliency;  strong  inte¬ 
gration  with  legacy  telephony  hardware; 
superb  voice  quality;  many  options  for  client- 
side  devices. 

Cons  Voice  mail  resiliency  couldn't  be  demonstrated 

in  testing;  UC  client  GUIs  are  not  consistent 
across  product  lines;  Avaya  presence  informa¬ 
tion  not  ported  to  MS  Office  Communicator; 
no  instant  messaging  for  mobile  clients. 

Score  4.03 

*  Price  includes  cost  for  server  infrastructure  to  support  a  four-site  deployment  with  2,500  aggregate  users, 
2,000  of  which  are  equipped  with  full  voice-messaging  and  unified  communications  capability.  Includes  cost  of 
redundant  servers  at  main  and  branch  locations.  Does  not  include  the  cost  of  UC  endpoint  component  and 
network  infrastructure  hardware. 


SCORECARD 


Action 

Features  and  functionality 

Weight 

25% 

4.25 

Integration 

25% 

3.50 

Reliability 

12.5% 

4 

Management  and  monitoring 

12.5% 

4 

Security 

12.5% 

4.25 

Performance 

12.5% 

4.50 

Total  score 

4.03 

Scoring  key:  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average; 
1:  Subpar  or  not  available. 
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SAVE  THE  DATE!  Mark  your  calendar  to  attend 


GET  READY  TO  GO  FROM  0  TO  60  SOLUTIONS  ON 

IT’s  Most-Critical  Topics... 


The  IT  Roadmap  provided  me  with 
a  huge  amount  of  insight  into 
upcoming  trends  in  the  technology 
industry.  It  also  provided  a  great 
forum  for  me  to  ask  questions  and 
to  receive  direction  on  the  latest 
and  greatest  tools  to  perform 
crucial  IT  functions,  it  was  a  day 
well  spent. 

CHRIS  RAPP 

ASST.  VP  /  DIRECTOR  OF  TECHNOLOGY 
SOVEREIGN  BANK 

Excellent  Conference  and  Expo!!! 
Five  Stars  out  of  five. 

The  information  I  collected  in  one 
day  was  "Priceless''  and  will  keep 
me  busy  for  months. 

FREDERICK  N.  SPINGOLA 

CIO  &  VP  TECHNOLOGY 

THE  BENEFIT  SERVICES  GROUP,  INC. 


IT  Roadmap  Conference  &  Expo  continues  it’s  trek  in  2008  with  a  nationwide  tour 
including  new  cities,  new  topics,  new  speakers  and  new  sponsors!  That’s  right.  You’ll 
have  a  chance  to  attend  one  of  the  multi  city  events  we’ll  be  offering  this  year. 


You  won’t  want  to  miss  out  on  10  sessions  of  crucial  network  technology: 


>  VIRTUALIZATION 

>  ENTERPRISE  MOBILITY 

>  NETWORK  AND  APPLICATION 
ACCELERATION 

>  NAC:  NETWORK  ACCESS  CONTROL 

>  DATA  CENTER  INFRASTRUCTURE 
AND  MANAGEMENT 


>  SECURITY  AND  COMPLIANCE 

>  NETWORK  MANAGEMENT,  AUTOMATION 
&  CONTROL 

>  VOIP,  VIDEO  AND  UNIFIED  COMMUNICATIONS 

>  NEXT  GENERATION  WAN  SERVICES 

>  SAAS  AND  CLOUD  COMPUTING 


Complete  with  case  histories  from  front-line  users.  Data  from  industry  researchers. 
Insights  from  IT  specialists.  And  embedded  within. ..a  tightly-focused, solution- 
oriented  expo  of  top  vendors. 

We  look  forward  to  seeing  you  at  IT  Roadmap! 


Qualified  Alumni  are 
PRE-APPROVED 


INTERESTED  IN  ATTENDING?  INTERESTED  IN  SPONSORING? 

www.networkworld.com/itr2008 
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features  a  USB  port  to  connect  a  keyboard  as  well. 

We  could  access  our  email  from  the  device  by  dialing  the  oneX 
Speech  attendant  to  have  our  messages  read  to  us.  The  assumption  is 
that,  in  most  cases  the  desktop  phone  will  be  close  to  a  computer  that 
will  most  likely  be  the  interface  used  for  instant  messaging,  e-mail  and 
calendar.  But  it  is  good  to  know  these  applications  can  be  accessed 
through  the  hard  phone  only 

When  used  with  Communication  Manager  5.1,  the  9640  supports  as 
many  as  three  Subnet  Bandwidth  Manager  24-button  expansion  mod¬ 
ules  allowing  it  to  serve  as  a  receptionist-type  phone. 

Avaya  one-X  Communicator 

Avayas  one-X  Communicator  is  a  unified  communications  softphone 
application  that  incorporates  all  the  functionality  of  Avaya’s  one-X 
Desktop  client.  For  instant  messaging,  one-X  Communicator  includes 
Avaya’s  own  instant  messaging  application  and  provides  API  hooks  into 
existing  “default”  instant  messaging  programs  such  as  Microsoft  Office 
Communicator,  IBM  Lotus  Sametime  and  Jabber.  E-mail  hooks  also  exist 
for  access  into  Microsoft  Outlook  client  and  IBM  Lotus  Sametime. 


guidepma 

One-X  Communicator  has  a  SIP  and  an  H323  version  that  are  identical 
except  for  underlying  protocol  support.This  enables  switching  between 
the  softphone  client  and  desktop  hard  phone. 

Companies  can  deploy  one-X  Communicator  either  as  a  stand-alone 
client  application  or  utilize  the  integration  of  one-X  Communicator  into 
existing  applications  including  Microsoft  Office  Communicator  or  Citrix 
Presentation  Server. 

One-X  Communicator  gets  telephony  presence  information  from  the 
Intelligent  Presence  Server,  which  is  another  piece  of  the  UC  puzzle.This 
software  product  —  which  we  ran  on  IBM  X306  server  —  tracks,  main¬ 
tains  and  advertises  user  presence  information  and  communicates  with 
Microsoft  Office  Communications  Server. 

In  testing,  users  are  able  to  make,  receive  and  handle  voice  calls,  send 
instant  messages  and  track  each  others’  presence  using  a  graphical  inter¬ 
face  we  found  intuitive  and  clean.  The  Avaya  one-x  Communicator  pro¬ 
vides  integrated  access  using  APIs  to  the  mail  client  being  used.  Avaya’s 
other  product  offerings  also  push  UC  functionality  to  the  e-mail  in-box,  for 
example,  voice-to-text  in  an  e-mail  form  and  visual  voice  mail  where  you 
can  see  full  caller  detail  information  and  attached  WAV  files  in  an  e-mail. 

See  Avaya,  page  44 


Mapping  out  Avaya's  one-X  Unified 
Communication  network 


Testers  gave  Avaya’s  UC  platform  high  praise  for  the  amount  of  choice  it  offers 
corporations  looking  to  customize  UC  services  for  their  environment  This 
graphic  shows  the  pieces  of  the  Avaya  suite  tested  by  Network  World  Lab 
Alliance  partner  Miercom.  For  outline  of  the  full  test  procedure,  see  "How  we  did 
it"  www.nwdocfinder.com/6522. 


UC  endpoints 


UC  back-end  services 


Remote  branch  office 


one-X  Mobile 


This  provides 
service  to  one-X 
Mobile  clients  (cell 
phone  applications). 


Avaya  one-X  Portal  on 
Apple  MacBook  Pro 


Communicator 


•••• 

•••• 

•••• 

•••• 

•••• 


orie-X  Desk 
Phone  9640 


Required  to 
provide 
presence 
throughout 
one-X  UC  family. 

Provides 
services  to 
run  one-X 
Portal. 

This  Web 
server  supports 
one-X  Portal 
UC  clients. 

Used  for 
G.248  SIP 
and  H.323 
conversion. 


one-X 

Mobile 

server 

IPS 

server 

AES 

server 


S8730 

server 


This  IP-PBX  server 
handles  all  call 
routing  for  the  UC 
products. 


Modular 

messaging  This  server  provides 
server  °  voice  mai' services' 


one-X 

Portal 

server 


one-X 

Speech 

Server 


SES 

server 


This  is  required  to 
run  voice-command 
assistant. 

This  SIP  server 
handles  SIP  feature 
set  and  SIP 
presence  for  IP 
hard  phones. 


GlearSight 

Analyzer 


WinSIP  3.0  WinSIP  MU-4000 

UC  test  tools 


Hammer 

Transport 


f 


This  all-in-one  gateway  is  used 
for  G.248  SIP  and  H.323 
conversion  at  the  branch-office 
level.  It  is  configurable  with 
S8300  Media  Server  blade  to 
provide  a  complete  communica¬ 
tions  platform  there. 
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Avaya  one-X  Portal 

Avaya  one-X  Fbrtal  is  a  Web-based  application  that  runs  on  a  separate 
server  (Avaya’s  AES  —  Application  Enablement  Server)  and  brings 
access  to  UC  functions,  including  telephony  conferencing  and  messag¬ 
ing,  to  any  device  with  a  browser  and  an  Internet  connection.  It  does  not 
require  software  to  be  installed  on  a  user’s  computer. 

We  tested  access  to  the  portal  using  a  Windows  XP-based  notebook 
running  Internet  Explorer  7  and  an  Apple  notebook  running  Safari. The 
interfaces  were  exactly  the  same  on  both  browsers. 

The  logon  procedure  was  easy:  We  just  entered  a  user  name  and  pass¬ 
word,  which  were  verified  against  Active  Directory  We  were  glad  to  see 
there  was  no  “remember  me”  feature.  While  convenient,  these  functions 
can  lead  to  security  breaches. 

Access  to  all  communication  applications  including  e-mail  and  instant 
messaging  takes  place  directly  from  the  browser.The  application  worked 
well,  providing  call  logs  and  allowing  us  to  dial,  conference  and  transfer 
in  one  click.  On  conference  calls,  we  could  see  the  names  of  all  partici¬ 
pants  and  we  could  mute  any  of  them,  a  function  that  comes  in  handy 
to  silence  participants  calling  from  sites  with  a  lot  of  background  noise. 

Using  the  one-X  Fbrtal  (just  like  with  one-X  Communicator)  we  could 
easily  see  whether  other  users  in  the  test  network  were  on  the  phone, 
online,  in  a  conference  call  or  available  for  instant  messaging,  and  thereby 
we  could  make  an  intelligent  decision  on  the  best  way  to  communicate. 

Avaya’s  one-X  Mobile  application  brings  a  level  of  unified-communi- 
cations  capability  to  mobile  phones  by  providing  access  to  office  phone 
functions  through  a  GUI.  It  should  be  noted  that  one-X  Mobile  does  not 
provide  e-mail  access.  Nor  does  it  provide  presence  and  messaging 
capabilities.  In  essence,  one-X  Mobile  isn’t  going  to  turn  a  dumb  phone 
into  a  smart  one. 

According  to  Avaya,  the  one-X  Mobile  client  can  be  used  on  more  than 
200  models  of  cell  phones,  including  the  Apple  iPhone.  The  one-X 
Mobile  family  consists  of  software  clients  for  Symbian, Windows  Mobile, 
BlackBerry  Phlm,  Java  and  iPhone. 

Our  testing  on  the  BlackBerry  Curve  and  BlackBerry  8700  showed  that 
one-X  Mobile  comes  pretty  close  to  offering  mobile  users  all  the  tele¬ 
phony  communication  options  they  get  in  the  office.  Its  single  business 
number  access  feature  lets  the  user  receive  calls  from  one  central  place 
without  providing  callers  the  mobile  phone  number. This  mobile  desk¬ 
top  extension  lets  the  user  decide  to  take  a  message,  have  it  stay  in  the 
Avaya  voice  mail  store  or  get  returned  to  the  Avaya  attendant.  Also,  the 
caller  ID  information  sent  when  returning  calls  can  utilize  information 
pertaining  to  the  office  desk  phone  instead  of  the  mobile  account. 

The  mobile  application  has  configurable  settings  that  can  be  used  to 
block  callers  and  send  them  directly  into  voice  mail  or  another  number. 
Instead  of  using  the  mobile  carrier’s  voicemail  system,  oneX  Mobile  can 
route  callers  to  the  Avaya  Communication  Manager  5.1  voicemail  sys¬ 
tem,  which  has  more  features,  including  voiceto-text  and  email  versions 
of  the  voice  mail. 

We  liked  the  way  Avaya  oneX  Mobile  let  us  use  the  office  phone  call  his¬ 
tory  as  well  as  the  corporate  directory  (via  LDAP)  and  the  contact  list 
stored  on  the  phone,  which  is  synchronized  with  Microsoft  Exchange  or 
IBM  Sametime.  The  data  can  be  used  to  generate  calls  on  the  portable 
unit.lt  was  a  fast  process  that  didn’t  force  us  to  dial  entire  phone  numbers. 

Formerly  known  as  Unified  Communication  Center,  Avaya  oneX 
Speech  allows  remote  and  office  users  from  any  phone,  anywhere,  to 
access  UC  tools  and  information  through  voiceactivated  commands. 

Returning  calls  was  easy  with  the  “call  sender”  feature  for  voice  mail  if 
automatic  number  identification  is  supplied  or  if  the  recipient  was  part 
of  the  corporate  LDAP  directory  or  personal  contacts  listing.lt  accurately 
dialed  the  senders  of  e-mail  whose  names  were  part  of  the  directory  or 
contact  list,  and  it  was  able  to  create  ad  hoc  conference  calls  while 


maintaining  access  to  voice  mail,  e-mail,  calendar  and  task  information. 

We  tested  the  application’s  ability  to  accurately  understand  Spanish 
and  found  it  did  a  good  job.  More  impressive  was  its  ability  to  understand 
English  as  spoken  by  a  person  with  a  Hispanic  accent.  However,  one-X 
Speech  stumbled  when  we  tried  speaking  in  Russian. 

Avaya  Integrated  Management  System 

All  of  the  pieces  of  the  Avaya  UC  puzzle  are  managed  via  a  large  set  of 
UC  management  applications  that  come  together  in  a  centralized,  Web- 
accessible  portal  called  the  Avaya  Integration  Management  System.  It 
serves  as  the  main  point  of  access  for  the  administration  tools,  device 
managers,  network  management  and  provisioning  applications. 

The  VoIP  System  View  displays  a  hierarchical  and  logical  view  of  the 
VoIP  network,  encompassing  everything  from  the  voice  server  down  to 
individual  IP  phones.  It  provided  quick  and  easy  location  of  users,  and 
we  could  identify  VoIP  connection  paths  through  the  converged  network 
as  well  as  physical  connectivity 

The  Avaya  Site  Administration  tool  offered  helpful  wizards  that  simpli¬ 
fied  basic  administration  functions  such  as  moves,  additions  and 
changes,  finding  extensions  and  monitoring. 

The  Avaya  Voice  Announcement  Manager  provides  a  secure  storage 
area  for  WAV-based  voice  announcements  that  can  be  copied,  backed 
up  or  restored.The  Avaya  Software  Update  Manager,  a  component  of  the 
Network  Management  Console,  simplifies  maintenance  and  the  updat¬ 
ing  of  software  and  software  used  in  Avaya’s  various  UC  components. 

Other  management  applications  included  in  this  toolbox  are  the  Avaya 
Configuration  Manager,  the  Avaya  VoIP  Monitoring  Manager,  the  Avaya 
Fault  and  Performance  Manager,  the  Avaya  MultiSite  Administration 
resource  and  the  Integrated  Management  Database. 

In  general,  the  application  set  is  comprehensive  and  offered  easy-to- 
use  but  very  powerful  methods  of  keeping  tabs  on,  and  fixing  problems 
in,  every  nook  and  cranny  of  an  Avaya  UC  installation. 

The  management  system’s  only  drawback  was  that  the  voice-quality 
monitoring  function  used  test  call  traffic  rather  than  assessing  the  MOS 
for  real  voice  calls  on  the  network. 

Conclusion 

Avaya’s  strength  in  legacy  voice  communications  and  extensive  PBX 
feature  set  converge  with  the  business  communications  benefits  of 
instant  messaging,  text  to  speech, speech  to  text,  visual  voice  mail,  inter¬ 
active  voice  response,  auto  attendant  and  others  to  produce  an  easy-to- 
use  and  productivity-enhancing  UC  solution. 

There  are  many  components  that  comprise  Avaya’s  UC  solutions,  find 
this  can  be  overwhelming.  However  customers  deploying  full  UC  or  just 
the  IP  PBX  component  will  appreciate  the  variety  of  interoperable  com¬ 
ponents  and  choose  those  that  best  solve  its  problems. 

Avaya  approaches  UC  from  a  “telephony  is  king”  perspective.  This 
approach  manifests  itself  in  Avaya’s  relative  reliance  on  links  to  existing 
applications  for  integration  of  e-mail  and  instant  messaging  in  some  of 
the  one-X  clients,  but  it’s  not  anything  that  significantly  diminishes  the 
overall  excellence  of  the  company’s  UC  effort.To  counter  those  who  sug¬ 
gest  a  UC  solution  is  incomplete  if  the  vendor’s  UC  application  doesn’t 
provide  its  own  e-mail  and  messaging  in  every  single  communications 
device  supported,  one  might  ask  why  another  e-mail  in-box  or  instant 
messaging  client  is  necessary  when  one  already  exists  and  works  well. 

Network  reliability  and  security  are  major  concerns  in  the  enterprise. 
Our  testing  confirmed  that  Avaya’s  latest  UC  offerings,  particularly  the  sur¬ 
vivability-enhancing  features  available  with  the  new  S8730  and  gateway 
servers,  will  virtually  ensure  communication  remains  intact  with  even 
less  than  perfect  IP  networks. 

Miercom  is  a  Network  World  Lab  Alliance  partner.  Smithers  is  CEO, 
Colmenares  is  a  test  engineer  and  Aun  is  a  senior  analyst.  They  can  be 
reached  at  reuiews@miercom.com. 
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CUSTOMIZED 

POWER  &  MONITORING  SOLUTIONS 


MINIMIZING 
SUPPLIER  COMPLICATIONS 


Geist  has  launched  an  in-house  metal  works  division.  This  new 
operation  includes  fabricating  and  powder  coating  equipment, 
enabling  Geist  to  streamline  chassis  production  as  an  internal 
function.  The  new  metal  works  capabilities  will  further  enhance 
Geist’s  rapid  production  response  by  minimizing  restrictions  due 
to  suppliers’  schedules. 

Get  started  creating  your  ideal  power  and  monitoring  solution. 


800-432-3219 
www.geistmfg.com 


Let  the  Model  135 
Monitor  Your  Site 


The  Model  1 35  Site  Monitor  is  designed  to  serve  as  your 
"resource  kit”  for  monitoring  and  maintaining  computer, 
communications,  and  specialized  equipment  locations. 
With  a  wide  range  of  built-in  capabilities,  it’s  easy  to 
tailor  a  powerful  site-specific  solution. 

Highlights  include  10/100  Ethernet  and  analog  modem 
connectivity,  serial  port  access  and  text  data  "matching,” 
AC  and  DC  voltage  monitoring,  ping  testing,  and  contact 
closure  inputs  and  outputs.  And  the  web-based  interface 
makes  setup  and  use  a  straight-forward  process. 

For  complete  details  on  the  Model  135,  give  us  a  call 
or  visit  www.gkinc.com. 


Gordon  Kapes,  Inc. 

Skokie,  IL  USA  |  Ph  847-676-1750  I  Www.gkinc.com 
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With  Sentry  CDU  Products! 

Basic,  Metered,  Smart  &  Switched 
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Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


Basic  CDU 

>  Reliable  &  Economical 

Metered  CDU 

>  Local  Input  Current  Monitoring 

>  Simple  3-Phase  Load  Balancing 

Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temp.  &  Humidity  Probes 

>  Secure  IP  &  Serial  Monitoring  of  Power, 
Temperature  &  Humidity 

Switched  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temp.  &  Humidity  Probes 

>  Secure  IP  &  Serial  Monitoring  of  Power, 
Temperature  &  Humidity 

>  Remote  Power  Control  for  Each  Outlet: 
ON/OFF/Reboot  with  Graceful  Server  Shutdown 

>  Smart  Load  Shedding 

>  kW  per  In-Feed,  Per  Cabinet,  or  Per  Square  Feet 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc. 


Server  Technology,  Inc, 

%  1040  Sandhill  Drive  tf  +1.800.835.1515 

Reno,  NV  89521 —USA  tel  +1.775.284.2000 

www.servertech.com  *ax  +T775. 284, 2065 

www.servertechblog.com  sales@servertech.com 
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info^netoptics-com 


Ensure  Visibility  and  Security  with  Net  Optics 

Why  take  a  chance  at  all.  Protect  your  valuable  business  assets 
with  Net  Optics  Bypass  Switches.  1 00  percent  passive  access 
and  fail-over  for  in-line  networking  appliances:  IPS,  WAN 
acceleration,  firewall  and  more. 

Visit  www. netoptics.com 
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Efficiently  aggregate  full-duplex  data  into  your  analysis  or  security  device. 

•  Supports  1 0/1 00/1 000  Buffer  options: 

•  Stream  into  two  different  devices  256  MB  $1,295 

•  Rack  mount  up  to  three  across  „  -j  MR . <170? 
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IT  ups  data  security  investment 


BY  JON  BRODKIN 

IT  budgets  are  on  the  rise,  reflecting  growing 
concern  over  data  breaches  and  increasing 
CEO  involvement  in  the  task  of  protecting  sen¬ 
sitive  data,  Forrester  Research  analysts  say 

Ten  percent  of  IT  operating  budgets  is  de¬ 
voted  to  security  in  2008,  an  increase  from  8% 
last  year,  a  Forrester  study  released  last  week 
revealed.  In  a  survey  of  1,255  security  decision¬ 
makers  at  North  American  companies,  21% 
expect  to  increase  IT  security  spending  in 
2009,  compared  with  6%  who  expect  security 
spending  to  decrease.  The  rest  will  keep  their 
security  budgets  stable.  Those  are  impressive 
numbers  in  this  economy  analyst  Khalid  Kark 
said  in  a  keynote  during  Forrester’s  Security 
Forum  in  Boston. 

“1  remember  when  the  security  budget  was 
less  than  4%  of  the  IT  budget,”  Kark  said.  “This 
number  is  amazing.  In  this  tough  economic 
time,  three  out  of  four  of  us  are  saying  were 
going  to  keep  this  10%  budget  and  one  in  five 
of  us  are  saying  we’re  going  to  increase  this 
budget  in  the  next  12  months. Wow,  that’s  great.” 


SECURITY:  GOING  UP 

10%  of  IT  operating  budgets  will  be 
spent  on  security  this  year,  up 
from  8%  last  year.  Security  pros 
are  enjoying  greater  visibility,  with 
30%  having  dotted-line  relation¬ 
ships  with  the  board  or  CEO. 


If  there  is  a  downside  for  security-minded  IT 
professionals,  it’s  that  more  money  brings 
greater  scrutiny  More  red  tape,  processes  and 
approvals  are  needed  to  justify  purchases  of 
even  relatively  minor  security  products,  Kark 
said.  An  organization-wide  focus  on  security 
also  brings  higher  expectations,  and  some¬ 
times  conflicting  expectations  from  the  various 
departments  in  a  business. 

But  IT  security  pros  are  enjoying  greater 
influence  with  business  executives.  Security 


has  been  the  top  priority  for  CIOs  in  Forrester 
surveys  for  four  straight  years,  and  30%  of 
security  decision-makers  surveyed  report  hav¬ 
ing  a  “dotted-line  relationship”  with  the  board 
or  CEO. Another  19%  report  having  such  direct 
links  to  the  executive  committee. 

“We’ve  all  been  frustrated  in  making  the  case 
for  information  security  getting  [the  business 
executives]  to  buy  in.  But  I  think  times  have 
changed,”  Kark  said.  “I  remember  the  time 
when  I  had  to  wait  two  weeks  to  get  a  meeting 
with  the  CIO,  let  alone  the  CEO.” 

Kark  attributes  this  change  in  attitude 
partly  to  data  breaches  and  resulting  media 
coverage  and  lawsuits  that  focus  public 
scrutiny  on  information  security.  But  the 
shift  has  also  occurred  because  IT  profes¬ 
sionals  have  spent  years  arguing  that  secu¬ 
rity  deserves  greater  attention,  and  CEOs  are 
starting  to  get  it,  he  said. 

The  challenges  of  security  are  numerous,  and 
include  protecting  customer  information  and 
corporate  intellectual  property  while  develop¬ 
ing  disaster  recovery  capabilities,  Kark  said.B 


Cisco 

continued  from  page  28 

centralized  management  system  that  does 
everything,”  she  says.  “If  you  look  at  what  cus¬ 
tomers  actually  need,  it  really  is  specific  to  their 
domains.  Things  have  to  have  the  complexity 
managed  there,  as  opposed  to  being  a  general¬ 
ist.  That’s  the  trade-off  you  take.” 

To  that  end,  Cisco’s  network  management 
architecture  begins  with  CiscoWorks  infra¬ 
structure  management  as  the  foundation, 
topped  by  separate  domain  managers  for  data 
center,  wireless,  unified  communications,  mu lti- 
cast  and  security.Those  domain  managers  then 
are  capped  by  management  applications  for 
compliance  and  change  and  configuration 
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automation  and  control;  network  application- 
performance  analysis;  and  network-enabled, 
policy-based  identity 

CiscoWorks  is  the  user  interface  for  this  archi¬ 
tecture,  Sage  says.  From  there,  users  can  access 
different  tool  sets  to  drill  down  into  domain- 
specific  tasks,  she  says. 

That  still  leaves  a  couple  more  burning  needs 
for  Cisco  users,  says  Glen  Tindal,  CTO  of  third- 
party  management-software  vendor  Intelliden. 
Scalability  —  being  able  to  expand  the  infra¬ 
structure  as  customer  demand  dictates  —  is 
one.“It’s  important  to  make  one  investment,  to 
grow  on  the  back  of  that  investment,  and  to  feel 
comfortable  that  it  can  scale  to  meet  demand,” 
he  says.  Auditability  and  compliance  also  are 
needed  to  ensure  security,  consistency  and  the 
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network’s  ability  to  fulfill  the  service-level 
requirements  of  the  customer. 

Cisco’s  been  offering  a  compliance-manage¬ 
ment  application  suite  called  Proactive  Auto¬ 
mation  of  Change  Execution  —  or  PACE  — 
since  July  2006.  Intelliden’s  customers,  how¬ 
ever,  virtually  all  of  whom  have  Cisco-based 
infrastructure,  require  more  than  what  the  ven¬ 
dor  offers, Tindal  says. 

“I  can’t  have  a  situation  where  I  have  differ¬ 
ent  pieces  and  parts,  each  one  of  those 
addressed  either  partially  or  not  at  all,”  Tindal 
says  on  behalf  of  his  customers.“I  have  to  have 
all  of  those  components  because  it’s  upon 
those  that  I’m  going  to  build  my  business.  And 
where  the  network  is  my  business,  needless  to 
say  it’s  really  key  important  and  critical.” 

Perhaps  this  is  why  Chambers  laments  the 
state  of  Cisco  network  management  year-in 
and  year-out. 

“Chambers  is  always  highly  critical  because 
he’s  a  perfectionist,”  Sage  says  of  her  boss’  com¬ 
ments.  “His  various  comments  on  network 
management  stem  from  the  fact  that  he  really 
really  deeply  cares  about  this  area,  and  he  sees 
it  as  one  key  that  directly  benefits  our  cus¬ 
tomers.  If  you  were  to  ask  him  if  anyone  in  the 
industry  has  nailed  network  management,  he 
would  agree  that  they  haven’t. 

“I  think  what’s  a  little  bit  unfortunate  about 
that  is  that  it  misses  some  of  our  real  network- 
management  success  stories,”  Sage  continues. 
“Part  of  what  you  see  is  that  it’s  very  hard  to 
stop  and  celebrate  the  success  when  there  are 
new  technologies  around  the  corner.  Network 
management  never  gets  a  break.  It’s  tough  to 
get  those  comments  —  at  the  same  time,  he 
raised  a  very  high  bar  for  us.”  ■ 
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How  to  ruin  a  great  product 


Mark  Gibbs 


re  you  sitting  comfortably?  Then  our  story, 
“How  to  ruin  a  great  product,”  can  begin. 

I  Once  upon  a  time,  there  was  a  really  really 
cool  application  called  Xcelsius. 

This  software,  from  a  company  called 
BACKSPIN  Infommersion,  allowed  you  to  import  an  Excel 
spreadsheet  and  create  a  flash  presentation 
with  graphical  controls  and  components  to 
manipulate  the  underlying  spreadsheet  data. 
Using  this  software  you  could  create  the  most  amazing  corporate  infor¬ 
mation  dashboards  and  analytical  tools.  It  was  pure  magic. 

So  it  was  that  I,  your  humble  narrator,  recognizing  fabulosity  did  dis¬ 
cuss  the  product  in  my  Gearhead  column,  not  once  (my  original 
review  was  in  2004)  but  many  times.  It  was  that  good  a  product. 

But  then  the  dark  clouds  of  acquisition  did  swirl  across  the  commer¬ 
cial  landscape,  and  in  late  2005  Business  Objects  purchased  Infom¬ 
mersion  and  Business  Objects  was  in  turn  acquired  by  SAP  in  January 
this  year.  And  in  all  of  this  swirl  and  flurry  of  filthy  lucre,  the  Xcelsius 
product  apparently  got  rather  sidelined. 

The  previous  release  of  Xcelsius, Version  4.5,  was  turned  loose  in  June 
2006,  and  the  latest,  Xcelsius  2008,  in  mid-March  this  year. The  latest 
release  is,  so  I  am  told,  a  complete  rewrite  and  went  from  being  a  mere 
glimmer  in  the  corporate  eye  to  a  full  release  in  just  18  months. That’s 
way  too  fast  for  such  a  complex  product  —  and  it  shows. 

I  hadn’t  had  a  chance  to  look  at  Xcelsius  2008  until  a  week  or  so  ago, 
and  within  minutes  of  installing  and  firing  it  up  I  found  problems.  An 
obvious  problem  was  Xcelsius’  habit  of  randomly  changing  which 
spreadsheet  cells  a  control  was  linked  to. 

But  that  was  nothing  compared  to  the  dumbest  bug  of  all  —  and  I 
am  apparently  the  first  person  to  find  this  gotcha:  Flash  presentations 


that  have  text-entry  fields  and  labels  (such  as  “Enter  the  amount”)  have 
a  problem.  When  you  run  the  presentation  and  you  use  the  tab  key  to 
jump  from  one  text  field  to  the  next, you  can  wind  up  in  a  label.  Even 
though  the  label  should  be  static  text,  when  you  type,  the  label  will  be 
changed. 

At  first  I  couldn’t  believe  it  and  tried  all  sorts  of  weird  and  wonderful 
tests  along  with  rereading  the  documentation  (something  I  prefer  not 
to  do),  and  still  this  bug  appeared. So,  I  got  in  touch  with  the  gurus  at 
EverythingXcelsius.com. They  tried  out  my  bug  demo  and  lo  and 
behold,  found  exactly  the  same  problem. 

An  update  called  Xcelsius  SP1  was  released  on  Aug.  l,and  guess 
what?  It  has  the  exact  same  bug!  How  could  the  Xcelsius  quality  assur¬ 
ance  team  miss  such  an  obvious  issue?  (That,  of  course,  supposes  that 
such  a  team  exists.) 

Here’s  the  thing:  If  you  check  out  the  various  forums  and  blogs  that 
discuss  Xcelsius  you’ll  find  this  is  not  a  happy  user  community  The  fea¬ 
tures  and  issues  they  had  been  asking  for,  first  from  Business  Objects 
and  then  from  SARwere  done  —  but  done  poorly  or  not  at  all.  In  fact 
most  serious  Xcelsius  developers  still  use  Version  4.5  because  the  2008 
and  2008  SP1  versions  are  so  buggy  Moreover,  that  is  despite  the  fact 
that  there  are  many  things  that  4.5  can’t  do  that  they  really  need! 

What  the  various  owners  of  Xcelsius  have  done  is  take  a  truly  great, 
market-defining  product  and  mismanage  it  into  a  complete,  shambolic 
mess.  It  has  become  unreliable,  its  performance  often  terrible,  and  it  is 
horribly  buggy 

And  that,  dear  listeners,  is  how  you  ruin  a  great  product. Will  there  be 
a  happy  ending?  It  doesn’t  look  hopeful. 

Gibbs  tells  true  tales  in  Ventura,  Calif.  Relate  yours  to  backspin 
@gibbs.com. 


Was  MythBuster’s  RFID  tale  only  a  myth? 


It  all  started  when  Adam  Savage  of  Myth- 
Busters  fame  told  a  convention  audience 
that  legal  bullies  from  the  credit  card  indus¬ 
try  had  cowed  Discovery  Channel  into  scotch¬ 
ing  an  episode  of  the  show  that  was  to  have 
taken  on  RFID. 

NETBUZZ  In  the  video, Savage  says:  I’m  not  sure  how 

News  Insights  oddities  much  of  this  ^ l  m  allowed  to  te!1  —  but  ™ 

tel1  y°u  what  1  know. We  were  going  to  do  RFID 

—  on  several  levels:  how  reliable,  how  hack- 

able,  how  trackable,  etc.  —  and  one  of  our  researchers  called  up  Texas 

Instruments  and  they  arranged  a  conference  call.” 

Savage  wasn’t  on  the  call  himself,  but  continues:“Texas  Instruments 

comes  on  along  with  chief  legal  counsel  for  American  Express, Visa, 

Discover  [Card], and  everybody  else. They  absolutely  made  it  really 

clear  to  Discovery  [Channel]  that  they  were  not  going  to  air  this 

episode  talking  about  how  hackable  this  stuff  was.  Discovery  backed 

way  down,  being  a  large  corporation  that  depends  upon  the  revenue 

of  the  advertisers.” 

Savage’s  incendiary  accusation  went  relatively  unnoticed  at  the  time, 
but  caught  fire  on  the  Internet  over  the  Labor  Day  weekend.  Days  later 
it  became  clear  he  was  considerably  less  knowledgeable  about  what 
transpired  than  he  let  on,  although  how  much  of  his  backtracking  is 
backsidecovering  will  be  left  open  to  speculation. 

Here’s  Savage’s  statement  from  last  week  as  provided  by  Discovery 
Channel:“I  have  to  admit  that  I  got  some  of  my  facts  wrong, as  I  wasn’t 
on  that  story  and  as  I  said  on  the  video,  I  wasn’t  actually  in  on  the  call. . 
. .  If  1  went  into  the  detail  of  exactly  why  this  story  didn’t  get  filmed,  it’s 
so  bizarre  and  convoluted  that  no  one  would  believe  me,  but  suffice  to 
say ...  the  decision  not  to  continue  on  with  the  RFID  story  was  made 
by  our  production  company  Beyond  Productions,  and  had  nothing  to 


do  with  Discovery  or  their  ad  sales  department.” 

That’s  not  all  that  Savage  got  wrong.  Jon  Drummond,  a  PR  guy  at 
Discover  Financial  Services,  tells  me:  “The  statement  that  Discover  par¬ 
ticipated  in  the  call  that  was  mentioned  in  the  video  is  incorrect.” 
American  Express  told  me  the  same  thing. 

And  here’s  whatTI  sent:“In  June  2007,  MythBusters  was  interested  in 
pursuing  some  great  myth-busting  ideas  for  RFID. They  contacted  Texas 
instruments’  RFID  Systems  ...  for  technical  help  and  understanding  of 
RFID  in  the  contactless-payments  space.  Some  of  the  information  that 
was  needed  to  pursue  the  program  required  further  support  from  the 
contactless-payment  companies,  as  they  construct  their  own  propri¬ 
etary  systems  for  security  to  protect  their  customers.To  move  the 
process  along, Texas  Instruments  coordinated  a  conversation  with 
Smart  Card  Alliance,  which  invited  MasterCard  and  Visa,  about  contact¬ 
less  payments  to  help  MythBusters  get  the  right  information. 

“Of  the  handful  of  people  on  the  call,  there  were  mostly  product 
managers  and  only  one  contactless-payment  company’s  legal-counsel 
member. Technical  questions  were  asked  and  answered,  and  we  were 
to  wait  for  MythBusters  to  let  us  know  when  the  segment  would  air.  A 
few  weeks  later, Texas  Instruments  was  told  by  MythBusters  that  the  sto¬ 
ryline  had  changed  and  they  were  pursuing  a  different  angle  which 
did  not  require  our  help.” 

So,  what  really  happened?  Having  spent  30  years  in  the  news  busi¬ 
ness,  I’m  not  sure  that  the  funnyman  MythBuster  simply  woke  up  on 
the  wrong  side  of  the  bed  the  day  he  spilled  his  guts  to  a  roomful  of 
geeks  while  a  video  camera  rolled.  Wouldn’t  surprise  me  in  the  least  if 
the  truth  actually  lies  somewhere  between  Savage’s  moment  of 
unguarded  or  ill-informed  candor  and  subsequent  change  of  tune. 

It’s  the  kind  of  mystery  that  MythBusters  might  —  uh,  never  mind. 

Send  your  personal  theories  to  buzz@nww.com. 
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Star  Supermarket,  Inc 


The  number  one  reason 


This  is  the  real  world,  and  this  is  where  ADTRAN 
stands  apart.  Whether  you  are  a  reseller,  a  small 
business  owner  or  an  established  IT  professional, 
with  ADTRAN  products  you  can  rest  easy.  ADTRAN’s 
networking  and  IP  telephony  solutions  offer  business- 
class  reliability  and  performance  at  affordable  prices. 
We  stand  behind  our  products  with  industry-leading 
warranties  and  renowned  support. 

Don’t  you  think  it’s  time  to  Get  Real? 


www.adtran.  com/switch 


New  NetVanta®  Switches 

ADTRAN  offers  a  full  line  of  business-class, 
high-performance  networking  solutions 
designed  and  built  for  real  value,  including 
our  new  NetVanta  Series  of  Gigabit,  Power 
over  Ethernet,  and  Fast  Ethernet  switches. 


Smart  Solutions  for  a  Connected  World 


Copyright  ?  2G08:  ADTRAN  Inc.  All  rights  reserved.  ADTRAN  and  NetVanta  ate  registered  trademarks  of  ADTRAN,  Inc.  EN21A082508NWW 


IBM  System  x35501M  Express.  It’s  designed  to  stay  up  and 
running  and  help  reduce  system  downtime.  In  fact,  it  can 
even  identify  a  potential  problem  before  it  becomes  one. 
And  if  you  ever  have  to  replace  a  component,  you  can  do 
that  without  having  to  shut  down.  Just  one  more  way  the 
x3550  Express  keeps  downtime  down. 

From  the  people  and  Business  Partners  of  IBM. 

It’s  innovation  made  easy. 


RUN  YOUR  CRITICAL  APPLICATIONS  WITH  CONFIDENCE. 


PN: 7978EJU _ 

Featuring  up  to  two  Quad-Core  Intel®  Xeon®  Processors  E5430  2.66GHz 
Hot-swap  redundant  cooling  for  high  availability 

Includes  IBM  Director  and  PowerExecutive  to  help  manage  power 
consumption,  increase  uptime,  reduce  costs  and  improve  productivity 

3-year  on-site  limited  warranty2  on  parts  and  labor 


IBM  SYSTEM  STORAGE™ 
DS3400  EXPRESS  KIT 

$13,793 

OR  S352/MONTH  FOR  36  MONTHS1 


PN:  1726-42U _ _ _ 

All-in-one  kit  makes  it  easier  to  migrate  from  your  DAS  network  to  SAN 
Includes  IBM  System  Storage  DS3400  Dual  Controller,  four  IBM  Emulex  42C2069 
4Gb/s  PCI  Express  HBAs,  Brocade  SAN  8  Port  Fibre  Channel  switch  (16  total 
ports),  twelve  4Gb/s  SFPs,  and  eight  5-meter  optical  LC  cables 
Emulex  EZ  Pilot™  installation/management  software  included 


IBM  TIVOLI®  CONTINUOUS  DATA  PROTECTION  FOR  FILES 

$42  per  user 


PN:  D613ALL _ 

Save  and  recovery  technology  enables  file  recovery  to  any  point  in  time 

Continuous  Data  Protection  (CDP)  protects  your  data  from  the  aftermath  of  a  virus 
attack  or  user  error 

Up  to  3  backup/replication  areas  help  protect  against  corruption,  file  loss  or 
system  loss 


COMPLIMENTARY  SYSTEMS  ADVISOR  TOOL 

=  =~  — -  express 

Want  to  find  the  right  server  or  storage  system  for  you? 

advantage™ 

Our  Systems  Advisor  Tool  can  help.  Just  give  the  tool  a  littie 

input,  and  it  will  identify  products  that  can  help  meet  your 

ibm.com/systems/uptime 

business  needs.  Get  started  now  at  ibm.com/systems/uptime 

1  866-872-3902  (mention  6N8AH04A) 

1.  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LIC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly  payments  provided  are  for  planning  purposes 
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